* Useful when testing using mocks. - * + * * @author Roy Wetherall * @since 2.3 */ @@ -53,46 +54,58 @@ public class AuthenticationUtil { return org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(runAsWork, uid); } - + /** * Helper method that gets the fully authenticated user. *
* Useful when testing using mocks. - * + * * @see org.alfresco.repo.security.authentication.AuthenticationUtil#getFullyAuthenticatedUser() */ public String getFullyAuthenticatedUser() { return org.alfresco.repo.security.authentication.AuthenticationUtil.getFullyAuthenticatedUser(); } - + /** * Helper method that gets the admin user name. *
* Useful when testing using mocks.
- *
+ *
* @see org.alfresco.repo.security.authentication.AuthenticationUtil#getAdminUserName()
*/
public String getAdminUserName()
{
return org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName();
}
-
+
/**
* Helper method that gets the system user name.
- *
+ *
* @see org.alfresco.repo.security.authentication.AuthenticationUtil#getSystemUserName()
*/
public String getSystemUserName()
{
return org.alfresco.repo.security.authentication.AuthenticationUtil.getSystemUserName();
}
-
+
/**
* @see org.alfresco.repo.security.authentication.AuthenticationUtil#isRunAsUserTheSystemUser()
*/
public boolean isRunAsUserTheSystemUser()
{
- return org.alfresco.repo.security.authentication.AuthenticationUtil.isRunAsUserTheSystemUser();
+ return org.alfresco.repo.security.authentication.AuthenticationUtil.isRunAsUserTheSystemUser();
+ }
+
+ /**
+ * Helper method to get the user that is currently in effect for purposes of authentication. This includes any
+ * overlays introduced by {@link #runAs}.
+ *
+ * @return Returns the name of the user
+ * @throws AuthenticationException
+ */
+ public String getRunAsUser() throws AuthenticationException
+ {
+ return org.alfresco.repo.security.authentication.AuthenticationUtil.getRunAsUser();
}
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
index 05e6086780..1c5d0b6c3f 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
@@ -118,7 +118,7 @@ public class SecurityClearanceServiceImplUnitTest
// Create the authorised user.
String authorisedUserName = "authorisedUser";
- when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn(authorisedUserName);
+ when(mockAuthenticationUtil.getRunAsUser()).thenReturn(authorisedUserName);
NodeRef authorisedPersonNode = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, authorisedUserName);
PersonInfo authorisedPersonInfo = new PersonInfo(authorisedPersonNode, authorisedUserName, "first", "last");
when(mockPersonService.getPerson(authorisedUserName, false)).thenReturn(authorisedPersonNode);
@@ -167,7 +167,7 @@ public class SecurityClearanceServiceImplUnitTest
// Create the user attempting to use the API with "Confidential" clearance.
String userName = "unauthorisedUser";
- when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn(userName);
+ when(mockAuthenticationUtil.getRunAsUser()).thenReturn(userName);
NodeRef personNode = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, userName);
PersonInfo personInfo = new PersonInfo(personNode, userName, "first", "last");
when(mockPersonService.getPerson(userName, false)).thenReturn(personNode);
@@ -199,7 +199,7 @@ public class SecurityClearanceServiceImplUnitTest
when(mockClassificationLevelManager.findLevelById("2")).thenReturn(secret);
createMockPerson("Cleared", "Cleared", "Cleared", "2");
- when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn("Uncleared");
+ when(mockAuthenticationUtil.getRunAsUser()).thenReturn("Cleared");
when(mockClearanceLevelManager.findLevelByClassificationLevelId("2")).thenReturn(new ClearanceLevel(secret, "Secret"));
// The authenticated user's clearance level is high enough to view the classification.
@@ -220,7 +220,7 @@ public class SecurityClearanceServiceImplUnitTest
when(mockClassificationLevelManager.findLevelById("2")).thenReturn(secret);
createMockPerson("Uncleared", "Uncleared", "Uncleared", ClassificationLevelManager.UNCLASSIFIED_ID);
- when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn("Uncleared");
+ when(mockAuthenticationUtil.getRunAsUser()).thenReturn("Uncleared");
when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID)).thenReturn(ClearanceLevelManager.NO_CLEARANCE);
// The authenticated user's clearance level not high enough.
@@ -238,8 +238,8 @@ public class SecurityClearanceServiceImplUnitTest
@Test public void isCurrentUserClearedForClassification_classificationNotFound()
{
ClassificationLevel topSecret = new ClassificationLevel("1", "TopSecret");
- createMockPerson("Uncleared", "Uncleared", "Uncleared", "1");
- when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn("Uncleared");
+ createMockPerson("Cleared", "Cleared", "Cleared", "1");
+ when(mockAuthenticationUtil.getRunAsUser()).thenReturn("Cleared");
when(mockClearanceLevelManager.findLevelByClassificationLevelId("1")).thenReturn(new ClearanceLevel(topSecret, "TopSecret"));
// Set up the made up classification.
String madeUpId = "Made Up Id";
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java
index 3615a6f7c9..649f723e35 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java
@@ -22,8 +22,8 @@ package org.alfresco.module.org_alfresco_module_rm.test.util;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.doAnswer;
-import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.when;
import org.alfresco.module.org_alfresco_module_rm.util.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
@@ -32,7 +32,7 @@ import org.mockito.stubbing.Answer;
/**
* A helper to initialise a mock {@link AuthenticationUtil}.
- *
+ *
* @author tpage
*/
public class MockAuthenticationUtilHelper
@@ -41,7 +41,7 @@ public class MockAuthenticationUtilHelper
* Set up a Mockito mock AuthenticationUtil so that it executes all methods assuming the user has
* permissions. If the mock is asked for details about the user then it assumes the currently authenticated user is
* "admin".
- *
+ *
* @param mockAuthenticationUtil The mock to initialise.
*/
public static void setup(AuthenticationUtil mockAuthenticationUtil)
@@ -52,7 +52,7 @@ public class MockAuthenticationUtilHelper
/**
* Set up a Mockito mock AuthenticationUtil so that it executes all methods assuming the user has
* permissions.
- *
+ *
* @param mockAuthenticationUtil The mock to initialise.
* @param fullyAuthenticatedUser The name of the user that last authenticated.
*/
@@ -87,8 +87,9 @@ public class MockAuthenticationUtilHelper
}).when(mockAuthenticationUtil).