diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/capability/rm-capabilities-disposition-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/capability/rm-capabilities-disposition-context.xml
index 9df8c9a2a6..8a35357f96 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/capability/rm-capabilities-disposition-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/capability/rm-capabilities-disposition-context.xml
@@ -210,6 +210,7 @@
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
index 7895f20541..79702d97ef 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
@@ -426,6 +426,8 @@
UNFILED_RECORD_FOLDER
HOLD_CONTAINER
HOLD
+ TRANSFER
+ TRANSFER_CONTAINER
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/TransferCompleteAction.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/TransferCompleteAction.java
index 0304e1521b..527175bc81 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/TransferCompleteAction.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/TransferCompleteAction.java
@@ -36,6 +36,9 @@ public class TransferCompleteAction extends RMActionExecuterAbstractBase
/** I18N */
private static final String MSG_NODE_NOT_TRANSFER = "rm.action.node-not-transfer";
+ /** Action name */
+ public static final String NAME = "transferComplete";
+
/** Transfer service */
private TransferService transferService;
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluator.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluator.java
index 06a89aa953..56cb735b6a 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluator.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluator.java
@@ -22,9 +22,13 @@ import java.util.List;
import org.alfresco.module.org_alfresco_module_rm.jscript.app.BaseEvaluator;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.namespace.RegexQNamePattern;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
/**
* Evaluates whether the node in question is transferring is either a transfer or accession.
@@ -33,6 +37,9 @@ import org.alfresco.service.namespace.RegexQNamePattern;
*/
public class TransferEvaluator extends BaseEvaluator
{
+ /** Logger */
+ private static Log logger = LogFactory.getLog(TransferEvaluator.class);
+
/** indicates whether we are looking for accessions or transfers */
private boolean transferAccessionIndicator = false;
@@ -55,8 +62,18 @@ public class TransferEvaluator extends BaseEvaluator
NodeRef transfer = getTransferNodeRef(nodeRef);
if (transfer != null)
{
- boolean actual = ((Boolean)nodeService.getProperty(transfer, RecordsManagementModel.PROP_TRANSFER_ACCESSION_INDICATOR)).booleanValue();
- result = (actual == transferAccessionIndicator);
+ try
+ {
+ boolean actual = ((Boolean)nodeService.getProperty(transfer, RecordsManagementModel.PROP_TRANSFER_ACCESSION_INDICATOR)).booleanValue();
+ result = (actual == transferAccessionIndicator);
+ }
+ catch (AccessDeniedException ade)
+ {
+ logger.info("The user '"
+ + AuthenticationUtil.getFullyAuthenticatedUser()
+ + "' does not have permissions on the node '"
+ + transfer + "'.");
+ }
}
return result;
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
index dff4959767..2822e6d124 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
@@ -308,13 +308,31 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
public void onCreateTransfer(final ChildAssociationRef childAssocRef)
{
mandatory("childAssocRef", childAssocRef);
- NodeRef childRef = childAssocRef.getChildRef();
+
+ final NodeRef childRef = childAssocRef.getChildRef();
setupPermissions(childAssocRef.getParentRef(), childRef);
- // Give read permissions for all RM roles for the transfer folders (see RM-1800).
- // This behaviour will be changed once the add manage permission option is added in the UI for the transfers containers.
- NodeRef filePlan = getFilePlanService().getFilePlan(childRef);
- String allRoles = getFilePlanRoleService().getAllRolesContainerGroup(filePlan);
- getPermissionService().setPermission(childRef, allRoles, READ_RECORDS, true);
+
+ final String user = AuthenticationUtil.getFullyAuthenticatedUser();
+
+ final boolean hasUserPermission = authenticationUtil.runAs(new AuthenticationUtil.RunAsWork()
+ {
+ public Boolean doWork()
+ {
+ return getPermissionService().hasPermission(childRef, RMPermissionModel.FILING) == AccessStatus.ALLOWED;
+ }
+ }, user);
+
+ if (!hasUserPermission)
+ {
+ authenticationUtil.runAsSystem(new AuthenticationUtil.RunAsWork()
+ {
+ public Void doWork()
+ {
+ getPermissionService().setPermission(childRef, user, RMPermissionModel.FILING, true);
+ return null;
+ }
+ });
+ }
}
/**
@@ -545,7 +563,7 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
private boolean canPerformPermissionAction(NodeRef nodeRef)
{
- return isFilePlanContainer(nodeRef) || isRecordFolder(nodeRef) || isRecord(nodeRef);
+ return isFilePlanContainer(nodeRef) || isRecordFolder(nodeRef) || isRecord(nodeRef) || isTransfer(nodeRef);
}
/**
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/IntegrationTestSuite.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/IntegrationTestSuite.java
index 2c7c2b723a..9fc384de39 100755
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/IntegrationTestSuite.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/IntegrationTestSuite.java
@@ -53,7 +53,8 @@ import org.junit.runners.Suite.SuiteClasses;
JobTestSuite.class,
HoldTestSuite.class,
VersionTestSuite.class,
- RelationshipTestSuite.class
+ RelationshipTestSuite.class/*,
+ TransferTestSuite.class*/
})
public class IntegrationTestSuite
{
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/CreateTransferFolderAsNonAdminUser.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/CreateTransferFolderAsNonAdminUser.java
new file mode 100644
index 0000000000..4409db99e8
--- /dev/null
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/CreateTransferFolderAsNonAdminUser.java
@@ -0,0 +1,157 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.integration.transfer;
+
+import static org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction.PARAM_EVENT_NAME;
+import static org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.ROLE_RECORDS_MANAGER;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_AUTHORITY;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_INSTRUCTIONS;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_EVENT_NAME;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.runAs;
+import static org.alfresco.repo.site.SiteModel.SITE_CONSUMER;
+import static org.alfresco.service.cmr.security.AccessStatus.ALLOWED;
+import static org.alfresco.util.GUID.generate;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CutOffAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.TransferAction;
+import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
+import org.alfresco.service.cmr.repository.NodeRef;
+
+/**
+ * Test case which shows that the user who creates the transfer gets filing permissions granted.
+ *
+ * @author Tuna Aksoy
+ * @since 2.3
+ */
+public class CreateTransferFolderAsNonAdminUser extends BaseRMTestCase
+{
+ // Test user
+ private String testUser = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isUserTest()
+ */
+ @Override
+ protected boolean isUserTest()
+ {
+ return true;
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#setupTestUsersImpl(org.alfresco.service.cmr.repository.NodeRef)
+ */
+ @Override
+ protected void setupTestUsersImpl(NodeRef filePlan)
+ {
+ super.setupTestUsersImpl(filePlan);
+
+ // Create test user
+ testUser = generate();
+ createPerson(testUser);
+
+ // Join the RM site
+ siteService.setMembership(siteId, testUser, SITE_CONSUMER);
+
+ // Add the test user to RM Records Manager role
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser);
+ }
+
+ public void testCreateTransferFolderAsNonAdminUser()
+ {
+ doBehaviourDrivenTest(new BehaviourDrivenTest(testUser)
+ {
+ // Records folder
+ private NodeRef recordsFolder = null;
+
+ // Transfer folder
+ private NodeRef transferFolder = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
+ */
+ @Override
+ public void given()
+ {
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Create category
+ NodeRef category = filePlanService.createRecordCategory(filePlan, generate());
+
+ // Give filing permissions for the test users on the category
+ filePlanPermissionService.setPermission(category, testUser, FILING);
+
+ // Create disposition schedule
+ utils.createDispositionSchedule(category, DEFAULT_DISPOSITION_INSTRUCTIONS, DEFAULT_DISPOSITION_AUTHORITY, false, true, true);
+
+ // Create folder
+ recordsFolder = recordFolderService.createRecordFolder(category, generate());
+
+ // Make eligible for cut off
+ Map params = new HashMap(1);
+ params.put(PARAM_EVENT_NAME, DEFAULT_EVENT_NAME);
+ rmActionService.executeRecordsManagementAction(recordsFolder, CompleteEventAction.NAME, params);
+
+ // Cut off folder
+ rmActionService.executeRecordsManagementAction(recordsFolder, CutOffAction.NAME);
+
+ return null;
+ }
+ }, getAdminUserName());
+
+ // FIXME: This step should be executed in "when()".
+ transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
+ */
+ @Override
+ public void when()
+ {
+ // FIXME: If the transfer step is executed here the test fails?!?
+ //transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
+ */
+ @Override
+ public void then()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // User should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if the user has filing permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, FILING));
+ }
+ });
+ }
+}
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/FilingPermissionsOnTransferFolder.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/FilingPermissionsOnTransferFolder.java
new file mode 100644
index 0000000000..77778bad8d
--- /dev/null
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/FilingPermissionsOnTransferFolder.java
@@ -0,0 +1,192 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.integration.transfer;
+
+import static org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction.PARAM_EVENT_NAME;
+import static org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.ROLE_RECORDS_MANAGER;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_AUTHORITY;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_INSTRUCTIONS;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_EVENT_NAME;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.runAs;
+import static org.alfresco.repo.site.SiteModel.SITE_CONSUMER;
+import static org.alfresco.service.cmr.security.AccessStatus.ALLOWED;
+import static org.alfresco.util.GUID.generate;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CutOffAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.TransferAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.TransferCompleteAction;
+import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
+import org.alfresco.service.cmr.repository.NodeRef;
+
+/**
+ * Test case which shows that the user who did not create a transfer folder will
+ * be able to see and action on it if he gets filing permission on the transfer folder.
+ *
+ * @author Tuna Aksoy
+ * @since 2.3
+ */
+public class FilingPermissionsOnTransferFolder extends BaseRMTestCase
+{
+ // Test users
+ private String testUser1 = null;
+ private String testUser2 = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isUserTest()
+ */
+ @Override
+ protected boolean isUserTest()
+ {
+ return true;
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#setupTestUsersImpl(org.alfresco.service.cmr.repository.NodeRef)
+ */
+ @Override
+ protected void setupTestUsersImpl(NodeRef filePlan)
+ {
+ super.setupTestUsersImpl(filePlan);
+
+ // Create test users
+ testUser1 = generate();
+ createPerson(testUser1);
+ testUser2 = generate();
+ createPerson(testUser2);
+
+ // Join the RM site
+ siteService.setMembership(siteId, testUser1, SITE_CONSUMER);
+ siteService.setMembership(siteId, testUser2, SITE_CONSUMER);
+
+ // Add the test users to RM Records Manager role
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser1);
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser2);
+ }
+
+ public void testFilingPermissionsOnTransferFolder()
+ {
+ doBehaviourDrivenTest(new BehaviourDrivenTest(testUser1)
+ {
+ // Records folder
+ private NodeRef recordsFolder = null;
+
+ // Transfer folder
+ private NodeRef transferFolder = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
+ */
+ @Override
+ public void given()
+ {
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Create category
+ NodeRef category = filePlanService.createRecordCategory(filePlan, generate());
+
+ // Give filing permissions for the test users on the category
+ filePlanPermissionService.setPermission(category, testUser1, FILING);
+ filePlanPermissionService.setPermission(category, testUser2, FILING);
+
+ // Create disposition schedule
+ utils.createDispositionSchedule(category, DEFAULT_DISPOSITION_INSTRUCTIONS, DEFAULT_DISPOSITION_AUTHORITY, false, true, true);
+
+ // Create folder
+ recordsFolder = recordFolderService.createRecordFolder(category, generate());
+
+ // Make eligible for cut off
+ Map params = new HashMap(1);
+ params.put(PARAM_EVENT_NAME, DEFAULT_EVENT_NAME);
+ rmActionService.executeRecordsManagementAction(recordsFolder, CompleteEventAction.NAME, params);
+
+ // Cut off folder
+ rmActionService.executeRecordsManagementAction(recordsFolder, CutOffAction.NAME);
+
+ return null;
+ }
+ }, getAdminUserName());
+
+ // FIXME: This step should be executed in "when()".
+ transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
+ */
+ @Override
+ public void when()
+ {
+ // FIXME: If the transfer step is executed here the test fails.
+ //transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+
+ // Give testUser2 filing permissions on transfer folder
+ filePlanPermissionService.setPermission(transferFolder, testUser2, FILING);
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
+ */
+ @Override
+ public void then()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // testUser1 should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if testUser1 has filing permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, FILING));
+
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // testUser2 should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if testUser2 has read permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, READ_RECORDS));
+
+ // Check if testUser2 has filing permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, FILING));
+
+ // FIXME: Should be able to execute the action. Failing intermittently.
+ // Execute transfer complete action as testUser2 who has filing permissions on the transfer folder
+ rmActionService.executeRecordsManagementAction(transferFolder, TransferCompleteAction.NAME);
+
+ return null;
+ }
+ }, testUser2);
+ }
+ });
+ }
+}
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/NoPermissionsOnTransferFolder.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/NoPermissionsOnTransferFolder.java
new file mode 100644
index 0000000000..4ac4cf4fba
--- /dev/null
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/NoPermissionsOnTransferFolder.java
@@ -0,0 +1,181 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.integration.transfer;
+
+import static org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction.PARAM_EVENT_NAME;
+import static org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.ROLE_RECORDS_MANAGER;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_AUTHORITY;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_INSTRUCTIONS;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_EVENT_NAME;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.runAs;
+import static org.alfresco.repo.site.SiteModel.SITE_CONSUMER;
+import static org.alfresco.service.cmr.security.AccessStatus.ALLOWED;
+import static org.alfresco.service.cmr.security.AccessStatus.DENIED;
+import static org.alfresco.util.GUID.generate;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CutOffAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.TransferAction;
+import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
+import org.alfresco.service.cmr.repository.NodeRef;
+
+/**
+ * Test case which shows that the user who did not create a transfer folder will not be able to see it.
+ *
+ * @author Tuna Aksoy
+ * @since 2.3
+ */
+public class NoPermissionsOnTransferFolder extends BaseRMTestCase
+{
+ // Test users
+ private String testUser1 = null;
+ private String testUser2 = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isUserTest()
+ */
+ @Override
+ protected boolean isUserTest()
+ {
+ return true;
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#setupTestUsersImpl(org.alfresco.service.cmr.repository.NodeRef)
+ */
+ @Override
+ protected void setupTestUsersImpl(NodeRef filePlan)
+ {
+ super.setupTestUsersImpl(filePlan);
+
+ // Create test users
+ testUser1 = generate();
+ createPerson(testUser1);
+ testUser2 = generate();
+ createPerson(testUser2);
+
+ // Join the RM site
+ siteService.setMembership(siteId, testUser1, SITE_CONSUMER);
+ siteService.setMembership(siteId, testUser2, SITE_CONSUMER);
+
+ // Add the test users to RM Records Manager role
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser1);
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser2);
+ }
+
+ public void testNoPermissionsOnTransferFolder()
+ {
+ doBehaviourDrivenTest(new BehaviourDrivenTest(testUser1)
+ {
+ // Records folder
+ private NodeRef recordsFolder = null;
+
+ // Transfer folder
+ private NodeRef transferFolder = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
+ */
+ @Override
+ public void given()
+ {
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Create category
+ NodeRef category = filePlanService.createRecordCategory(filePlan, generate());
+
+ // Give filing permissions for the test users on the category
+ filePlanPermissionService.setPermission(category, testUser1, FILING);
+ filePlanPermissionService.setPermission(category, testUser2, FILING);
+
+ // Create disposition schedule
+ utils.createDispositionSchedule(category, DEFAULT_DISPOSITION_INSTRUCTIONS, DEFAULT_DISPOSITION_AUTHORITY, false, true, true);
+
+ // Create folder
+ recordsFolder = recordFolderService.createRecordFolder(category, generate());
+
+ // Make eligible for cut off
+ Map params = new HashMap(1);
+ params.put(PARAM_EVENT_NAME, DEFAULT_EVENT_NAME);
+ rmActionService.executeRecordsManagementAction(recordsFolder, CompleteEventAction.NAME, params);
+
+ // Cut off folder
+ rmActionService.executeRecordsManagementAction(recordsFolder, CutOffAction.NAME);
+
+ return null;
+ }
+ }, getAdminUserName());
+
+ // FIXME: This step should be executed in "when()".
+ transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
+ */
+ @Override
+ public void when()
+ {
+ // FIXME: If the transfer step is executed here the test fails.
+ //transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
+ */
+ @Override
+ public void then()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // testUser1 should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if testUser1 has filing permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, FILING));
+
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // testUser2 should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if testUser2 has read permissions on the transfer folder
+ assertEquals(DENIED, permissionService.hasPermission(transferFolder, READ_RECORDS));
+
+ return null;
+ }
+ }, testUser2);
+ }
+ });
+ }
+}
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/ReadPermissionsOnTransferFolder.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/ReadPermissionsOnTransferFolder.java
new file mode 100644
index 0000000000..2ad2e58d49
--- /dev/null
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/ReadPermissionsOnTransferFolder.java
@@ -0,0 +1,201 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.integration.transfer;
+
+import static org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction.PARAM_EVENT_NAME;
+import static org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.ROLE_RECORDS_MANAGER;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_AUTHORITY;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_DISPOSITION_INSTRUCTIONS;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.CommonRMTestUtils.DEFAULT_EVENT_NAME;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName;
+import static org.alfresco.repo.security.authentication.AuthenticationUtil.runAs;
+import static org.alfresco.repo.site.SiteModel.SITE_CONSUMER;
+import static org.alfresco.service.cmr.security.AccessStatus.ALLOWED;
+import static org.alfresco.service.cmr.security.AccessStatus.DENIED;
+import static org.alfresco.util.GUID.generate;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.CutOffAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.TransferAction;
+import org.alfresco.module.org_alfresco_module_rm.action.impl.TransferCompleteAction;
+import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
+import org.alfresco.repo.security.permissions.AccessDeniedException;
+import org.alfresco.service.cmr.repository.NodeRef;
+
+/**
+ * Test case which shows that the user who did not create a transfer folder will
+ * be able to see the transfer folder if he gets read permissions, but will not
+ * be able to action on it.
+ *
+ * @author Tuna Aksoy
+ * @since 2.3
+ */
+public class ReadPermissionsOnTransferFolder extends BaseRMTestCase
+{
+ // Test users
+ private String testUser1 = null;
+ private String testUser2 = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isUserTest()
+ */
+ @Override
+ protected boolean isUserTest()
+ {
+ return true;
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#setupTestUsersImpl(org.alfresco.service.cmr.repository.NodeRef)
+ */
+ @Override
+ protected void setupTestUsersImpl(NodeRef filePlan)
+ {
+ super.setupTestUsersImpl(filePlan);
+
+ // Create test users
+ testUser1 = generate();
+ createPerson(testUser1);
+ testUser2 = generate();
+ createPerson(testUser2);
+
+ // Join the RM site
+ siteService.setMembership(siteId, testUser1, SITE_CONSUMER);
+ siteService.setMembership(siteId, testUser2, SITE_CONSUMER);
+
+ // Add the users to RM Records Manager role
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser1);
+ filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_RECORDS_MANAGER, testUser2);
+ }
+
+ public void testReadPermissionsOnTransferFolder()
+ {
+ doBehaviourDrivenTest(new BehaviourDrivenTest(testUser1)
+ {
+ // Records folder
+ private NodeRef recordsFolder = null;
+
+ // Transfer folder
+ private NodeRef transferFolder = null;
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
+ */
+ @Override
+ public void given()
+ {
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Create category
+ NodeRef category = filePlanService.createRecordCategory(filePlan, generate());
+
+ // Give filing permissions for the test users on the category
+ filePlanPermissionService.setPermission(category, testUser1, FILING);
+ filePlanPermissionService.setPermission(category, testUser2, FILING);
+
+ // Create disposition schedule
+ utils.createDispositionSchedule(category, DEFAULT_DISPOSITION_INSTRUCTIONS, DEFAULT_DISPOSITION_AUTHORITY, false, true, true);
+
+ // Create folder
+ recordsFolder = recordFolderService.createRecordFolder(category, generate());
+
+ // Make eligible for cut off
+ Map params = new HashMap(1);
+ params.put(PARAM_EVENT_NAME, DEFAULT_EVENT_NAME);
+ rmActionService.executeRecordsManagementAction(recordsFolder, CompleteEventAction.NAME, params);
+
+ // Cut off folder
+ rmActionService.executeRecordsManagementAction(recordsFolder, CutOffAction.NAME);
+
+ return null;
+ }
+ }, getAdminUserName());
+
+ // FIXME: This step should be executed in "when()".
+ transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
+ */
+ @Override
+ public void when()
+ {
+ // FIXME: If the transfer step is executed here the test fails.
+ //transferFolder = (NodeRef) rmActionService.executeRecordsManagementAction(recordsFolder, TransferAction.NAME).getValue();
+
+ // Give testUser2 read permissions on transfer folder
+ filePlanPermissionService.setPermission(transferFolder, testUser2, READ_RECORDS);
+ }
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
+ */
+ @Override
+ public void then()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // testUser1 should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if testUser1 has filing permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, FILING));
+
+ runAs(new RunAsWork()
+ {
+ public Void doWork()
+ {
+ // Check transfer folder
+ assertNotNull(transferFolder);
+
+ // testUser2 should have read permissions on the transfers container
+ assertEquals(ALLOWED, permissionService.hasPermission(transfersContainer, READ_RECORDS));
+
+ // Check if testUser2 has read permissions on the transfer folder
+ assertEquals(ALLOWED, permissionService.hasPermission(transferFolder, READ_RECORDS));
+
+ // Check if testUser2 filing permissions on the transfer folder
+ assertEquals(DENIED, permissionService.hasPermission(transferFolder, FILING));
+
+ // Try to execute transfer complete action as testUser2 who has no filing permissions on the transfer folder
+ try
+ {
+ rmActionService.executeRecordsManagementAction(transferFolder, TransferCompleteAction.NAME);
+ }
+ catch (AccessDeniedException ade)
+ {
+ // Expected
+ }
+
+ return null;
+ }
+ }, testUser2);
+ }
+ });
+ }
+}
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/TransferTestSuite.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/TransferTestSuite.java
new file mode 100644
index 0000000000..ceb1a8dedb
--- /dev/null
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/transfer/TransferTestSuite.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.integration.transfer;
+
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+import org.junit.runners.Suite.SuiteClasses;
+
+/**
+ * Transfer test suite
+ *
+ * @author Tuna Aksoy
+ * @since 2.3
+ */
+@RunWith(Suite.class)
+@SuiteClasses(
+{
+ CreateTransferFolderAsNonAdminUser.class,
+ FilingPermissionsOnTransferFolder.class,
+ NoPermissionsOnTransferFolder.class,
+ ReadPermissionsOnTransferFolder.class
+})
+public class TransferTestSuite
+{
+
+}