mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-722 (REST API - Add and remove authorities from roles)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@50347 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
@@ -440,7 +440,7 @@
|
||||
parent="baseService"
|
||||
class="org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanServiceImpl">
|
||||
<!-- NOTE: for some reason we need to grab these references within the class to avoid cyclic Spring issues! -->
|
||||
<!-- <property name="permissionService" ref="permissionService"/> -->
|
||||
<!-- <property name="permissionService" ref="permissionService"/> -->
|
||||
<!-- <property name="nodeDAO" ref="nodeDAO"/> -->
|
||||
<!-- <property name="internalNodeService" ref="nodeService"/> -->
|
||||
<!-- <property name="siteService" ref="SiteService" /> -->
|
||||
@@ -607,8 +607,8 @@
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getUsersAssignedToRole=RM.Read.0
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getGroupsAssignedToRole=RM.Read.0
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getAllAssignedToRole=RM.Read.0
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.assignRoleToAuthority=RM_ALLOW
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.unassignRoleFromAuthority=RM_ALLOW
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.assignRoleToAuthority=RM_CAP.0.rma:filePlanComponent.CreateModifyDestroyUsersAndGroups
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.unassignRoleFromAuthority=RM_CAP.0.rma:filePlanComponent.CreateModifyDestroyUsersAndGroups
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getAllRolesContainerGroup=RM_ALLOW
|
||||
org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.*=RM_DENY
|
||||
]]>
|
||||
@@ -1160,9 +1160,9 @@
|
||||
</value>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- File Plan Authentication Service -->
|
||||
|
||||
|
||||
<bean id="filePlanAuthenticationService"
|
||||
class="org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationServiceImpl">
|
||||
<property name="rmAdminUserName" value="${bootstrap.rmadmin.name}" />
|
||||
|
||||
@@ -539,18 +539,18 @@
|
||||
<property name="siteService" ref="SiteService" />
|
||||
</bean>
|
||||
|
||||
<!-- REST impl for POST Children for RM -->
|
||||
<bean id="webscript.org.alfresco.repository.groups.rm-children.post"
|
||||
class="org.alfresco.repo.web.scripts.groups.RmChildrenPost"
|
||||
<!-- REST impl for POST Authorities for RM -->
|
||||
<bean id="webscript.org.alfresco.repository.roles.rm-authorities.post"
|
||||
class="org.alfresco.repo.web.scripts.roles.RmAuthoritiesPost"
|
||||
parent="webscript">
|
||||
<property name="filePlanService" ref="FilePlanService" />
|
||||
<property name="filePlanRoleService" ref="FilePlanRoleService" />
|
||||
<property name="authorityService" ref="AuthorityService" />
|
||||
</bean>
|
||||
|
||||
<!-- REST impl for DELETE Children for RM -->
|
||||
<bean id="webscript.org.alfresco.repository.groups.rm-children.delete"
|
||||
class="org.alfresco.repo.web.scripts.groups.RmChildrenDelete"
|
||||
<!-- REST impl for DELETE Authorities for RM -->
|
||||
<bean id="webscript.org.alfresco.repository.roles.rm-authorities.delete"
|
||||
class="org.alfresco.repo.web.scripts.roles.RmAuthoritiesDelete"
|
||||
parent="webscript">
|
||||
<property name="filePlanService" ref="FilePlanService" />
|
||||
<property name="filePlanRoleService" ref="FilePlanRoleService" />
|
||||
|
||||
@@ -4,8 +4,8 @@
|
||||
Removes a group or a user from a role.
|
||||
]]>
|
||||
</description>
|
||||
<url>/api/rm/role/{roleId}/children/{authorityName}</url>
|
||||
<url>/api/rm/{store_type}/{store_id}/{id}/role/{roleId}/children/{authorityName}</url>
|
||||
<url>/api/rm/roles/{roleId}/authorities/{authorityName}</url>
|
||||
<url>/api/rm/{store_type}/{store_id}/{id}/roles/{roleId}/authorities/{authorityName}</url>
|
||||
<format default="json">argument</format>
|
||||
<authentication>user</authentication>
|
||||
<transaction>required</transaction>
|
||||
@@ -4,8 +4,8 @@
|
||||
Adds a group or a user to a role.
|
||||
]]>
|
||||
</description>
|
||||
<url>/api/rm/role/{roleId}/children/{authorityName}</url>
|
||||
<url>/api/rm/{store_type}/{store_id}/{id}/role/{roleId}/children/{authorityName}</url>
|
||||
<url>/api/rm/roles/{roleId}/authorities/{authorityName}</url>
|
||||
<url>/api/rm/{store_type}/{store_id}/{id}/roles/{roleId}/authorities/{authorityName}</url>
|
||||
<format default="json">argument</format>
|
||||
<authentication>user</authentication>
|
||||
<transaction>required</transaction>
|
||||
@@ -16,7 +16,7 @@
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.repo.web.scripts.groups;
|
||||
package org.alfresco.repo.web.scripts.roles;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@@ -34,7 +34,7 @@ import org.tuckey.web.filters.urlrewrite.utils.StringUtils;
|
||||
* @author Tuna Aksoy
|
||||
* @since 2.1
|
||||
*/
|
||||
public class RmChildrenAbstract extends RoleDeclarativeWebScript
|
||||
public class AbstractRmAuthorities extends RoleDeclarativeWebScript
|
||||
{
|
||||
/** Constants for the url parameters */
|
||||
private static final String ROLE_ID = "roleId";
|
||||
@@ -16,7 +16,7 @@
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.repo.web.scripts.groups;
|
||||
package org.alfresco.repo.web.scripts.roles;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
@@ -32,7 +32,7 @@ import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||
* @author Tuna Aksoy
|
||||
* @since 2.1
|
||||
*/
|
||||
public class RmChildrenDelete extends RmChildrenAbstract
|
||||
public class RmAuthoritiesDelete extends AbstractRmAuthorities
|
||||
{
|
||||
/**
|
||||
* @see org.springframework.extensions.webscripts.DeclarativeWebScript#executeImpl(org.springframework.extensions.webscripts.WebScriptRequest,
|
||||
@@ -16,7 +16,7 @@
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.repo.web.scripts.groups;
|
||||
package org.alfresco.repo.web.scripts.roles;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
@@ -32,7 +32,7 @@ import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||
* @author Tuna Aksoy
|
||||
* @since 2.1
|
||||
*/
|
||||
public class RmChildrenPost extends RmChildrenAbstract
|
||||
public class RmAuthoritiesPost extends AbstractRmAuthorities
|
||||
{
|
||||
/**
|
||||
* @see org.springframework.extensions.webscripts.DeclarativeWebScript#executeImpl(org.springframework.extensions.webscripts.WebScriptRequest,
|
||||
@@ -27,7 +27,7 @@ import org.alfresco.module.org_alfresco_module_rm.test.webscript.EmailMapScriptT
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.EventRestApiTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RMCaveatConfigScriptTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RMConstraintScriptTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RmChildrenRestApiTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RmAuthoritiesRestApiTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RmClassesRestApiTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RmPropertiesRestApiTest;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.webscript.RoleRestApiTest;
|
||||
@@ -56,7 +56,7 @@ import org.junit.runners.Suite.SuiteClasses;
|
||||
ActionDefinitionsRestApiTest.class,
|
||||
RmClassesRestApiTest.class,
|
||||
RmPropertiesRestApiTest.class,
|
||||
RmChildrenRestApiTest.class
|
||||
RmAuthoritiesRestApiTest.class
|
||||
})
|
||||
public class WebScriptTestSuite
|
||||
{
|
||||
|
||||
@@ -469,7 +469,7 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
|
||||
createPerson(AuthenticationUtil.getSystemUserName(), false);
|
||||
}
|
||||
assertTrue("No person object for System available.", authDao.authorityExists(AuthenticationUtil.getSystemUserName()));
|
||||
|
||||
|
||||
storeRef = StoreRef.STORE_REF_WORKSPACE_SPACESSTORE;
|
||||
rootNodeRef = nodeService.getRootNode(storeRef);
|
||||
|
||||
@@ -486,13 +486,13 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
|
||||
assertNotNull("Could not create base folder", folder);
|
||||
|
||||
siteInfo = siteService.createSite(
|
||||
"rm-site-dashboard",
|
||||
SITE_ID,
|
||||
"title",
|
||||
"descrition",
|
||||
SiteVisibility.PUBLIC,
|
||||
RecordsManagementModel.TYPE_RM_SITE);
|
||||
|
||||
"rm-site-dashboard",
|
||||
SITE_ID,
|
||||
"title",
|
||||
"descrition",
|
||||
SiteVisibility.PUBLIC,
|
||||
RecordsManagementModel.TYPE_RM_SITE);
|
||||
|
||||
filePlan = siteService.getContainer(SITE_ID, RmSiteType.COMPONENT_DOCUMENT_LIBRARY);
|
||||
assertNotNull("Site document library container was not created successfully.", filePlan);
|
||||
|
||||
@@ -544,23 +544,23 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
|
||||
|
||||
rmUserName = GUID.generate();
|
||||
rmUserPerson = createPerson(rmUserName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, "User", rmUserName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_USER, rmUserName);
|
||||
|
||||
powerUserName = GUID.generate();
|
||||
powerUserPerson = createPerson(powerUserName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, "PowerUser", powerUserName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_POWER_USER, powerUserName);
|
||||
|
||||
securityOfficerName = GUID.generate();
|
||||
securityOfficerPerson = createPerson(securityOfficerName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, "SecurityOfficer", securityOfficerName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_SECURITY_OFFICER, securityOfficerName);
|
||||
|
||||
recordsManagerName = GUID.generate();
|
||||
recordsManagerPerson = createPerson(recordsManagerName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, "RecordsManager", recordsManagerName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER, recordsManagerName);
|
||||
|
||||
rmAdminName = GUID.generate();
|
||||
rmAdminPerson = createPerson(rmAdminName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, "Administrator", rmAdminName);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, rmAdminName);
|
||||
|
||||
testUsers = new String[]
|
||||
{
|
||||
@@ -600,7 +600,7 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
|
||||
properties.put(ContentModel.PROP_USERNAME, userName);
|
||||
return personService.createPerson(properties);
|
||||
}
|
||||
|
||||
|
||||
protected NodeRef createPerson(String userName)
|
||||
{
|
||||
return createPerson(userName, true);
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMWebScriptTestCase;
|
||||
import org.alfresco.service.cmr.repository.StoreRef;
|
||||
import org.alfresco.service.cmr.security.AuthorityType;
|
||||
import org.alfresco.util.GUID;
|
||||
import org.json.JSONException;
|
||||
import org.json.JSONObject;
|
||||
import org.springframework.extensions.webscripts.Status;
|
||||
@@ -39,10 +40,10 @@ import org.springframework.extensions.webscripts.TestWebScriptServer.Response;
|
||||
* @author Tuna Aksoy
|
||||
* @since 2.1
|
||||
*/
|
||||
public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
public class RmAuthoritiesRestApiTest extends BaseRMWebScriptTestCase
|
||||
{
|
||||
/** URL for the REST APIs */
|
||||
private static final String RM_CHILDREN_URL = "/api/rm/%s/role/%s/children/%s";
|
||||
private static final String RM_CHILDREN_URL = "/api/rm/%s/roles/%s/authorities/%s";
|
||||
|
||||
/** Constant for the content type */
|
||||
private static final String APPLICATION_JSON = "application/json";
|
||||
@@ -56,9 +57,10 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
public void testRmAddRemoveUser() throws IOException, JSONException
|
||||
{
|
||||
// Create a test user
|
||||
String userName = "geshjsjuasftg";
|
||||
String userName = GUID.generate();
|
||||
createUser(userName);
|
||||
|
||||
// Get the name
|
||||
String name = authorityService.getName(AuthorityType.USER, userName);
|
||||
|
||||
// Check if the user is already assigned to the role
|
||||
@@ -66,7 +68,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
|
||||
// Format url and send request
|
||||
String url = getFormattedUrlString(name);
|
||||
Response response = postRequest(url);
|
||||
Response response = postRequestSuccess(url);
|
||||
|
||||
// Check the content from the response
|
||||
checkContent(response);
|
||||
@@ -75,7 +77,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
assertTrue(getUsersAssignedToRole().contains(name));
|
||||
|
||||
// Remove the user from the role
|
||||
response = deleteRequest(url);
|
||||
response = deleteRequestSuccess(url);
|
||||
|
||||
// Check the content from the response
|
||||
checkContent(response);
|
||||
@@ -96,9 +98,10 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
public void testRmAddRemoveGroup() throws IOException, JSONException
|
||||
{
|
||||
// Create a group
|
||||
String groupName = "arhweurawy";
|
||||
String groupName = GUID.generate();
|
||||
createGroup(groupName);
|
||||
|
||||
// Get the name
|
||||
String name = authorityService.getName(AuthorityType.GROUP, groupName);
|
||||
|
||||
// Check if the group is already assigned to the role
|
||||
@@ -106,7 +109,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
|
||||
// Format url and send request
|
||||
String url = getFormattedUrlString(name);
|
||||
Response response = postRequest(url);
|
||||
Response response = postRequestSuccess(url);
|
||||
|
||||
// Check the content from the response
|
||||
checkContent(response);
|
||||
@@ -115,7 +118,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
assertTrue(getGroupsAssignedToRole().contains(name));
|
||||
|
||||
// Remove the group from the role
|
||||
response = deleteRequest(url);
|
||||
response = deleteRequestSuccess(url);
|
||||
|
||||
// Check the content from the response
|
||||
checkContent(response);
|
||||
@@ -124,7 +127,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
assertFalse(getGroupsAssignedToRole().contains(name));
|
||||
|
||||
// Delete the group
|
||||
deleteGroup(groupName);
|
||||
deleteGroup(name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -159,7 +162,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
String storeId = storeRef.getIdentifier();
|
||||
String id = filePlan.getId();
|
||||
|
||||
StringBuffer sb = new StringBuffer();
|
||||
StringBuffer sb = new StringBuffer(32);
|
||||
sb.append(storeType);
|
||||
sb.append("/");
|
||||
sb.append(storeId);
|
||||
@@ -188,7 +191,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
* @throws UnsupportedEncodingException
|
||||
* @throws IOException
|
||||
*/
|
||||
private Response postRequest(String url) throws UnsupportedEncodingException, IOException
|
||||
private Response postRequestSuccess(String url) throws UnsupportedEncodingException, IOException
|
||||
{
|
||||
return sendRequest(new PostRequest(url, new JSONObject().toString(), APPLICATION_JSON), Status.STATUS_OK);
|
||||
}
|
||||
@@ -200,7 +203,7 @@ public class RmChildrenRestApiTest extends BaseRMWebScriptTestCase
|
||||
* @return Returns the response from the server
|
||||
* @throws IOException
|
||||
*/
|
||||
private Response deleteRequest(String url) throws IOException
|
||||
private Response deleteRequestSuccess(String url) throws IOException
|
||||
{
|
||||
return sendRequest(new DeleteRequest(url), Status.STATUS_OK);
|
||||
}
|
||||
Reference in New Issue
Block a user