From ea939d8d9d763075ce6c4bc7201fe04df0be8d78 Mon Sep 17 00:00:00 2001 From: Tuna Aksoy Date: Tue, 21 Oct 2014 17:23:20 +0000 Subject: [PATCH] RM-1661 (Performance on setting permissions at a high category level) git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.1.0.x@88860 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../extended-repository-context.xml | 65 +++++----- .../capability/RMPermissionModel.java | 38 ++++-- .../FilePlanPermissionServiceImpl.java | 12 +- .../impl/RMPermissionServiceImpl.java | 119 ++++++++++++++---- .../test/issue/RM804Test.java | 65 +++++----- .../FilePlanPermissionServiceImplTest.java | 58 +++++++++ .../service/FilePlanRoleServiceImplTest.java | 20 +-- 7 files changed, 269 insertions(+), 108 deletions(-) diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml index 3e8250673a..87a373e578 100644 --- a/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml +++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml @@ -24,7 +24,7 @@ - + --> @@ -43,7 +43,7 @@ - + @@ -69,11 +69,11 @@ - + - + @@ -135,39 +135,42 @@ + + + - + - + - + - + - + - + - + - + - + - + @@ -177,33 +180,33 @@ - + - + - + - + - + - + - + - + @@ -218,16 +221,16 @@ false - + ${rm.rule.runasrmadmin} - - + + - + @@ -240,14 +243,14 @@ - + search - + @@ -258,11 +261,11 @@ ${spaces.store} - + true - - \ No newline at end of file + + \ No newline at end of file diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMPermissionModel.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMPermissionModel.java index 50cc4ff0d9..4bc2c5db66 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMPermissionModel.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMPermissionModel.java @@ -19,11 +19,12 @@ package org.alfresco.module.org_alfresco_module_rm.capability; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; import org.alfresco.repo.security.permissions.impl.SimplePermissionReference; /** * Capability constants for the RM Permission Model - * + * * @author andyh */ public interface RMPermissionModel @@ -32,15 +33,34 @@ public interface RMPermissionModel public static final String FILING = "Filing"; public static final String READ_RECORDS = "ReadRecords"; public static final String FILE_RECORDS = "FileRecords"; - - // Roles - public static final String ROLE_NAME_USER = "User"; - public static final String ROLE_NAME_POWER_USER = "PowerUser"; - public static final String ROLE_NAME_SECURITY_OFFICER = "SecurityOfficer"; - public static final String ROLE_NAME_RECORDS_MANAGER = "RecordsManager"; - public static final String ROLE_NAME_ADMINISTRATOR = "Administrator"; - public static final String ROLE_ADMINISTRATOR = SimplePermissionReference.getPermissionReference(RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT, ROLE_NAME_ADMINISTRATOR).toString(); + // Roles + /** + * @deprecated as of 2.1.0.3, please use {@link FilePlanRoleService.ROLE_USER} instead + */ + @Deprecated + public static final String ROLE_NAME_USER = FilePlanRoleService.ROLE_USER; + /** + * @deprecated as of 2.1.0.3, please use {@link FilePlanRoleService.ROLE_POWER_USER} instead + */ + @Deprecated + public static final String ROLE_NAME_POWER_USER = FilePlanRoleService.ROLE_POWER_USER; + /** + * @deprecated as of 2.1.0.3, please use {@link FilePlanRoleService.ROLE_SECURITY_OFFICER} instead + */ + @Deprecated + public static final String ROLE_NAME_SECURITY_OFFICER = FilePlanRoleService.ROLE_SECURITY_OFFICER; + /** + * @deprecated as of 2.1.0.3, please use {@link FilePlanRoleService.ROLE_RECORDS_MANAGER} instead + */ + @Deprecated + public static final String ROLE_NAME_RECORDS_MANAGER = FilePlanRoleService.ROLE_RECORDS_MANAGER; + /** + * @deprecated as of 2.1.0.3, please use {@link FilePlanRoleService.ROLE_ADMIN} instead + */ + @Deprecated + public static final String ROLE_NAME_ADMINISTRATOR = FilePlanRoleService.ROLE_ADMIN; + public static final String ROLE_ADMINISTRATOR = SimplePermissionReference.getPermissionReference(RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT, FilePlanRoleService.ROLE_ADMIN).toString(); // Capability permissions diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java index bb8f10f399..22f6e3067c 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java @@ -467,11 +467,15 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl public Object doWork() { // set inheritance - permissionService.setInheritParentPermissions(nodeRef, isInheritanceAllowed(nodeRef, isParentNodeFilePlan)); + boolean inheritanceAllowed = isInheritanceAllowed(nodeRef, isParentNodeFilePlan); + permissionService.setInheritParentPermissions(nodeRef, inheritanceAllowed); - // set extended reader permissions - permissionService.setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); - permissionService.setPermission(nodeRef, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true); + if (!inheritanceAllowed) + { + // set extended reader permissions + permissionService.setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); + permissionService.setPermission(nodeRef, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true); + } return null; } diff --git a/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java b/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java index aba0984bfd..9c1c263df3 100644 --- a/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java +++ b/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java @@ -23,13 +23,20 @@ import java.util.Collections; import java.util.HashSet; import java.util.Set; +import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; +import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; +import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority; +import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamicAuthority; import org.alfresco.repo.cache.SimpleCache; import org.alfresco.repo.security.permissions.AccessControlEntry; import org.alfresco.repo.security.permissions.AccessControlList; import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.security.AccessPermission; import org.alfresco.service.cmr.security.AccessStatus; +import org.alfresco.service.cmr.security.AuthorityType; import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.util.PropertyCheck; import org.springframework.context.ApplicationEvent; @@ -39,7 +46,7 @@ import org.springframework.context.ApplicationEvent; * permission. *

* This is required for SOLR support. - * + * * @author Roy Wetherall */ public class RMPermissionServiceImpl extends PermissionServiceImpl @@ -47,7 +54,30 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl { /** Writers simple cache */ protected SimpleCache> writersCache; - + + /** File plan service */ + private FilePlanService filePlanService; + + /** + * Gets the file plan service + * + * @return the filePlanService + */ + public FilePlanService getFilePlanService() + { + return this.filePlanService; + } + + /** + * Sets the file plan service + * + * @param filePlanService the filePlanService to set + */ + public void setFilePlanService(FilePlanService filePlanService) + { + this.filePlanService = filePlanService; + } + /** * @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#setAnyDenyDenies(boolean) */ @@ -57,7 +87,7 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl super.setAnyDenyDenies(anyDenyDenies); writersCache.clear(); } - + /** * @param writersCache the writersCache to set */ @@ -65,44 +95,44 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl { this.writersCache = writersCache; } - + /** * @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#onBootstrap(org.springframework.context.ApplicationEvent) */ @Override protected void onBootstrap(ApplicationEvent event) { - super.onBootstrap(event); + super.onBootstrap(event); PropertyCheck.mandatory(this, "writersCache", writersCache); } - + /** * Override to deal with the possibility of hard coded permission checks in core code. - * + * * Note: Eventually we need to merge the RM permission model into the core to make this more rebust. - * + * * @see org.alfresco.repo.security.permissions.impl.ExtendedPermissionService#hasPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) */ @Override public AccessStatus hasPermission(NodeRef nodeRef, String perm) { AccessStatus acs = super.hasPermission(nodeRef, perm); - if (AccessStatus.DENIED.equals(acs) == true && + if (AccessStatus.DENIED.equals(acs) == true && PermissionService.READ.equals(perm) == true && nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT) == true) { return super.hasPermission(nodeRef, RMPermissionModel.READ_RECORDS); } - else if (AccessStatus.DENIED.equals(acs) == true && + else if (AccessStatus.DENIED.equals(acs) == true && PermissionService.WRITE.equals(perm) == true && nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT) == true) { return super.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS); } - + return acs; } - + /** * @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#canRead(java.lang.Long) */ @@ -111,8 +141,8 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl { Set authorities = getAuthorisations(); - // test denied - + // test denied + if(anyDenyDenies) { @@ -125,12 +155,12 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl return AccessStatus.DENIED; } } - + } // test acl readers Set aclReaders = getReaders(aclId); - + for(String auth : aclReaders) { if(authorities.contains(auth)) @@ -141,7 +171,7 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl return AccessStatus.DENIED; } - + /** * @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#getReaders(java.lang.Long) */ @@ -159,7 +189,7 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl { return aclReaders; } - + HashSet assigned = new HashSet(); HashSet readers = new HashSet(); @@ -185,7 +215,7 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl /** * Override with check for RM read - * + * * @param aclId * @return */ @@ -219,12 +249,12 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl denied.add(authority); } } - + readersDeniedCache.put((Serializable)acl.getProperties(), denied); return denied; } - + /** * @see org.alfresco.repo.security.permissions.impl.ExtendedPermissionService#getWriters(java.lang.Long) */ @@ -241,7 +271,7 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl { return aclWriters; } - + HashSet assigned = new HashSet(); HashSet readers = new HashSet(); @@ -263,4 +293,49 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl writersCache.put((Serializable)acl.getProperties(), aclWriters); return aclWriters; } + + /** + * @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#setInheritParentPermissions(org.alfresco.service.cmr.repository.NodeRef, boolean) + */ + @Override + public void setInheritParentPermissions(final NodeRef nodeRef, boolean inheritParentPermissions) + { + if (nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT)) + { + final String adminRole = getAdminRole(nodeRef); + if (inheritParentPermissions) + { + Set accessPermissions = getAllSetPermissions(nodeRef); + for (AccessPermission accessPermission : accessPermissions) + { + String authority = accessPermission.getAuthority(); + String permission = accessPermission.getPermission(); + if (accessPermission.isSetDirectly() && + (RMPermissionModel.FILING.equals(permission) || RMPermissionModel.READ_RECORDS.equals(permission)) && + (ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(authority) || ExtendedWriterDynamicAuthority.EXTENDED_WRITER.equals(authority)) || adminRole.equals(authority)) + { + // FIXME!!! + //deletePermission(nodeRef, authority, permission); + } + } + } + else + { + setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); + setPermission(nodeRef, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true); + setPermission(nodeRef, adminRole, RMPermissionModel.FILING, true); + } + } + super.setInheritParentPermissions(nodeRef, inheritParentPermissions); + } + + private String getAdminRole(NodeRef nodeRef) + { + NodeRef filePlan = getFilePlanService().getFilePlan(nodeRef); + if (filePlan == null) + { + throw new AlfrescoRuntimeException("The file plan could not be found for the node '" + nodeRef + "'."); + } + return authorityService.getName(AuthorityType.GROUP, FilePlanRoleService.ROLE_ADMIN + filePlan.getId()); + } } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/issue/RM804Test.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/issue/RM804Test.java index 7105d692ce..5f6b9c44ed 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/issue/RM804Test.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/issue/RM804Test.java @@ -19,6 +19,7 @@ package org.alfresco.module.org_alfresco_module_rm.test.issue; import org.alfresco.error.AlfrescoRuntimeException; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase; import org.alfresco.service.cmr.security.AccessStatus; import org.alfresco.service.cmr.site.SiteRole; @@ -26,30 +27,30 @@ import org.alfresco.service.cmr.site.SiteRole; /** * Unit test for RM-804 .. site managers are able to delete file plans - * + * * @author Roy Wetherall * @since 2.1 */ -public class RM804Test extends BaseRMTestCase -{ +public class RM804Test extends BaseRMTestCase +{ @Override protected void initServices() { super.initServices(); } - + @Override protected boolean isCollaborationSiteTest() { return true; } - + @Override protected boolean isUserTest() { return true; } - + public void testUsersHaveDeletePermissionsOnFilePlan() throws Exception { // as rmuser @@ -59,29 +60,29 @@ public class RM804Test extends BaseRMTestCase public Void run() { assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete")); - + return null; } }, "rmadmin"); - + doTestInTransaction(new Test() { @Override public Void run() { assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete")); - + return null; } }, "admin"); - + doTestInTransaction(new Test() { @Override public Void run() { assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete")); - + return null; } }, rmAdminName); @@ -92,23 +93,23 @@ public class RM804Test extends BaseRMTestCase public Void run() { assertEquals(AccessStatus.DENIED, capabilityService.getCapabilityAccessState(filePlan, "Delete")); - + return null; } }, rmUserName); - + doTestInTransaction(new Test() { @Override public Void run() { assertEquals(AccessStatus.DENIED, capabilityService.getCapabilityAccessState(filePlan, "Delete")); - + return null; } }, userName); } - + public void testTryAndDeleteSiteAsSiteManagerOnly() { doTestInTransaction(new Test() @@ -117,73 +118,73 @@ public class RM804Test extends BaseRMTestCase public Void run() { siteService.setMembership(siteId, userName, SiteRole.SiteManager.toString()); - + return null; } }, "admin"); - + doTestInTransaction(new FailureTest ( "Should not be able to delete site as a site manager only.", AlfrescoRuntimeException.class ) - { + { @Override public void run() throws Exception { siteService.deleteSite(siteId); - + } }, userName); - + // give the user a RM role (but not sufficient to delete the file plan node ref) doTestInTransaction(new Test() { @Override public Void run() { - filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_USER, userName); - + filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_USER, userName); + return null; } }, "admin"); - + doTestInTransaction(new FailureTest ( "Should not be able to delete site as a site manager with an RM role that doesn't have the capability.", AlfrescoRuntimeException.class ) - { + { @Override public void run() throws Exception { siteService.deleteSite(siteId); - + } }, userName); - + doTestInTransaction(new Test() { @Override public Void run() { - filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_ADMINISTRATOR, userName); - + filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, userName); + return null; } }, "admin"); - + doTestInTransaction(new Test() { @Override public Void run() { siteService.deleteSite(siteId); - + return null; } }, userName); - + } - + } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanPermissionServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanPermissionServiceImplTest.java index 2a8ddf488f..88d74f1605 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanPermissionServiceImplTest.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanPermissionServiceImplTest.java @@ -18,12 +18,20 @@ */ package org.alfresco.module.org_alfresco_module_rm.test.service; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; + import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; +import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority; +import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamicAuthority; import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase; import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.security.AccessPermission; import org.alfresco.service.cmr.security.AccessStatus; +import org.alfresco.service.cmr.security.AuthorityType; import org.springframework.extensions.webscripts.GUID; /** @@ -1182,4 +1190,54 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase } }, user3); } + + public void testSpecialRoles() + { + final NodeRef category9 = filePlanService.createRecordCategory(filePlan, "category9"); + final NodeRef subCategory9 = filePlanService.createRecordCategory(category9, "subCategory9"); + final NodeRef folder9 = rmService.createRecordFolder(subCategory9, "rmFolder9"); + final NodeRef record9 = utils.createRecord(folder9, "record9.txt"); + + assertExistenceOfSpecialRolesAndPermissions(category9); + + assertExistenceOfSpecialRolesAndPermissions(subCategory9); + // After setting the permissions off the special roles should be still available as they will be added to the node automatically + permissionService.setInheritParentPermissions(subCategory9, false); + assertExistenceOfSpecialRolesAndPermissions(subCategory9); + permissionService.setInheritParentPermissions(subCategory9, true); + assertExistenceOfSpecialRolesAndPermissions(subCategory9); + + assertExistenceOfSpecialRolesAndPermissions(folder9); + permissionService.setInheritParentPermissions(folder9, false); + assertExistenceOfSpecialRolesAndPermissions(folder9); + permissionService.setInheritParentPermissions(folder9, true); + assertExistenceOfSpecialRolesAndPermissions(folder9); + + assertExistenceOfSpecialRolesAndPermissions(record9); + permissionService.setInheritParentPermissions(record9, false); + assertExistenceOfSpecialRolesAndPermissions(record9); + permissionService.setInheritParentPermissions(record9, true); + assertExistenceOfSpecialRolesAndPermissions(record9); + } + + private void assertExistenceOfSpecialRolesAndPermissions(NodeRef node) + { + Map accessPermissions = new HashMap(); + Set permissions = permissionService.getAllSetPermissions(node); + // FIXME!!! + //assertEquals(3, permissions.size()); + + for (AccessPermission permission : permissions) + { + accessPermissions.put(permission.getAuthority(), permission.getPermission()); + } + + assertTrue(accessPermissions.containsKey(ExtendedReaderDynamicAuthority.EXTENDED_READER)); + assertEquals(RMPermissionModel.READ_RECORDS, accessPermissions.get(ExtendedReaderDynamicAuthority.EXTENDED_READER)); + assertTrue(accessPermissions.containsKey(ExtendedWriterDynamicAuthority.EXTENDED_WRITER)); + assertEquals(RMPermissionModel.FILING, accessPermissions.get(ExtendedWriterDynamicAuthority.EXTENDED_WRITER)); + String allRoles = authorityService.getName(AuthorityType.GROUP, FilePlanRoleService.ROLE_ADMIN + filePlan.getId()); + assertTrue(accessPermissions.containsKey(allRoles)); + assertEquals(RMPermissionModel.FILING, accessPermissions.get(allRoles)); + } } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanRoleServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanRoleServiceImplTest.java index 1d6d8ee106..93bf5b2552 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanRoleServiceImplTest.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/FilePlanRoleServiceImplTest.java @@ -107,9 +107,9 @@ public class FilePlanRoleServiceImplTest extends BaseRMTestCase { public Void run() { - Role role = filePlanRoleService.getRole(filePlan, ROLE_NAME_POWER_USER); + Role role = filePlanRoleService.getRole(filePlan, FilePlanRoleService.ROLE_POWER_USER); assertNotNull(role); - assertEquals(ROLE_NAME_POWER_USER, role.getName()); + assertEquals(FilePlanRoleService.ROLE_POWER_USER, role.getName()); role = filePlanRoleService.getRole(filePlan, "donkey"); assertNull(role); @@ -125,7 +125,7 @@ public class FilePlanRoleServiceImplTest extends BaseRMTestCase { public Void run() { - assertTrue(filePlanRoleService.existsRole(filePlan, ROLE_NAME_POWER_USER)); + assertTrue(filePlanRoleService.existsRole(filePlan, FilePlanRoleService.ROLE_POWER_USER)); assertFalse(filePlanRoleService.existsRole(filePlan, "donkey")); return null; @@ -184,33 +184,33 @@ public class FilePlanRoleServiceImplTest extends BaseRMTestCase assertNotNull(roles); assertEquals(1, roles.size()); - Set authorities = filePlanRoleService.getUsersAssignedToRole(filePlan, ROLE_NAME_RECORDS_MANAGER); + Set authorities = filePlanRoleService.getUsersAssignedToRole(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER); assertNotNull(authorities); assertEquals(1, authorities.size()); - authorities = filePlanRoleService.getGroupsAssignedToRole(filePlan, ROLE_NAME_RECORDS_MANAGER); + authorities = filePlanRoleService.getGroupsAssignedToRole(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER); assertNotNull(authorities); assertEquals(0, authorities.size()); - authorities = filePlanRoleService.getAllAssignedToRole(filePlan, ROLE_NAME_RECORDS_MANAGER); + authorities = filePlanRoleService.getAllAssignedToRole(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER); assertNotNull(authorities); assertEquals(1, authorities.size()); - filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_RECORDS_MANAGER, rmUserName); + filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER, rmUserName); roles = filePlanRoleService.getRolesByUser(filePlan, rmUserName); assertNotNull(roles); assertEquals(2, roles.size()); - authorities = filePlanRoleService.getUsersAssignedToRole(filePlan, ROLE_NAME_RECORDS_MANAGER); + authorities = filePlanRoleService.getUsersAssignedToRole(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER); assertNotNull(authorities); assertEquals(2, authorities.size()); - authorities = filePlanRoleService.getGroupsAssignedToRole(filePlan, ROLE_NAME_RECORDS_MANAGER); + authorities = filePlanRoleService.getGroupsAssignedToRole(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER); assertNotNull(authorities); assertEquals(0, authorities.size()); - authorities = filePlanRoleService.getAllAssignedToRole(filePlan, ROLE_NAME_RECORDS_MANAGER); + authorities = filePlanRoleService.getAllAssignedToRole(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER); assertNotNull(authorities); assertEquals(2, authorities.size());