inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

ACS-9399 Add AGS Roles V1 API (Read) (#3350)

Browse Source 
Co-authored-by: SatyamSah5 <satyam.sah25@rediffmail.com>
Co-authored-by: bsayan2 <sayan.bhattacharya@hyland.com>
This commit is contained in:
Damian Ujma
2025-05-16 18:55:45 +02:00
committed by GitHub
parent c4dcef73e1
commit ee5e34ca32
21 changed files with 1233 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/CapabilityModel.java Normal file
View File

@@ -0,0 +1,30 @@
/*
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2025 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.rm.community.model;
public record CapabilityModel(String name, String title, String description, GroupModel group, int index)
{}

30
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/GroupModel.java Normal file
View File

@@ -0,0 +1,30 @@
/*
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2025 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.rm.community.model;
public record GroupModel(String id, String title)
{}

91
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/role/Role.java Normal file
View File

@@ -0,0 +1,91 @@
/*-
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2025 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.rm.community.model.role;
import java.util.List;
import java.util.Objects;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.alfresco.rest.rm.community.model.CapabilityModel;
import org.alfresco.utility.model.TestModel;
/**
* POJO for role
*/
@Builder
@Data
@NoArgsConstructor
@AllArgsConstructor
public class Role extends TestModel
{
@JsonProperty(required = true)
private String name;
@JsonProperty(required = true)
private List<CapabilityModel> capabilities;
@JsonProperty(required = true)
private String displayLabel;
@JsonProperty(required = true)
private String groupShortName;
private List<String> assignedUsers;
private List<String> assignedGroups;
private String roleGroupName;
@Override
public boolean equals(Object o)
{
if (this == o)
{
return true;
}
if (o == null || getClass() != o.getClass())
{
return false;
}
Role role = (Role) o;
return Objects.equals(name, role.name) && Objects.equals(capabilities, role.capabilities)
&& Objects.equals(displayLabel, role.displayLabel) && Objects.equals(groupShortName, role.groupShortName) && Objects.equals(assignedUsers, role.assignedUsers)
&& Objects.equals(assignedGroups, role.assignedGroups) && Objects.equals(roleGroupName, role.roleGroupName);
}
@Override
public int hashCode()
{
return Objects.hash(name, capabilities, displayLabel, groupShortName, assignedUsers, assignedGroups, roleGroupName);
}
}

32
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/role/RoleCollection.java Normal file
View File

@@ -0,0 +1,32 @@
/*-
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2025 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.rm.community.model.role;
import org.alfresco.rest.core.RestModels;
public class RoleCollection extends RestModels<RoleEntry, RoleCollection>
{}

47
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/role/RoleEntry.java Normal file
View File

@@ -0,0 +1,47 @@
/*-
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2025 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.rm.community.model.role;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.NoArgsConstructor;
import org.alfresco.rest.core.RestModels;
@Builder
@Data
@EqualsAndHashCode(callSuper = true)
@NoArgsConstructor
@AllArgsConstructor
public class RoleEntry extends RestModels<Role, RoleEntry>
{
@JsonProperty
private Role entry;
}

2
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserRoles.java
View File

@@ -35,7 +35,7 @@ package org.alfresco.rest.rm.community.model.user;
*/
public enum UserRoles
{
IN_PLACE_WRITERS("ExtendedWriters", "In-Place Writers"), ROLE_RM_ADMIN("Administrator", "Records Management Administrator"), ROLE_RM_MANAGER("RecordsManager", "Records Management Manager"), ROLE_RM_POWER_USER("PowerUser", "Records Management Power User"), ROLE_RM_SECURITY_OFFICER("SecurityOfficer", "Records Management Security Officer"), ROLE_RM_USER("User", "Records Management User");
IN_PLACE_WRITERS("ExtendedWriters", "In-Place Writers"), ROLE_RM_ADMIN("Administrator", "Records Management Administrator"), ROLE_RM_MANAGER("RecordsManager", "Records Management Manager"), ROLE_RM_POWER_USER("PowerUser", "Records Management Power User"), ROLE_RM_SECURITY_OFFICER("SecurityOfficer", "Records Management Security Officer"), ROLE_RM_USER("User", "Records Management User"), IN_PLACE_READERS("ExtendedReaders", "In-Place Readers");
public final String roleId;
public final String displayName;

36
amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/FilePlanAPI.java
View File

@@ -43,6 +43,7 @@ import org.alfresco.rest.rm.community.model.hold.Hold;
import org.alfresco.rest.rm.community.model.hold.HoldCollection;
import org.alfresco.rest.rm.community.model.recordcategory.RecordCategory;
import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryCollection;
import org.alfresco.rest.rm.community.model.role.RoleCollection;
import org.alfresco.rest.rm.community.requests.RMModelRequest;
/**
@@ -303,4 +304,39 @@ public class FilePlanAPI extends RMModelRequest
{
return getHolds(filePlanId, EMPTY);
}
/**
* Gets the roles of a file plan.
*
* @param filePlanId
* The identifier of a file plan
* @param parameters
* The URL parameters to add
* @return The {Pagination and RoleModel Entries} for the given {@code filePlanId}
* @throws RuntimeException
* for the following cases:
* <ul>
* <li>authentication fails</li>
* <li>current user does not have permission to read {@code filePlanId}</li>
* <li>{@code filePlanId} does not exist</li>
* </ul>
*/
public RoleCollection getFilePlanRoles(String filePlanId, String parameters)
{
mandatoryString("filePlanId", filePlanId);
return getRmRestWrapper().processModels(RoleCollection.class, simpleRequest(
GET,
"file-plans/{filePlanId}/roles?{parameters}",
filePlanId,
parameters));
}
/**
* See {@link #getFilePlanRoles(String, String)}
*/
public RoleCollection getFilePlanRoles(String filePlanId)
{
return getFilePlanRoles(filePlanId, EMPTY);
}
}

5
amps/ags/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java
View File

@@ -93,6 +93,7 @@ import org.alfresco.rest.rm.community.requests.gscore.api.RecordsAPI;
import org.alfresco.rest.search.RestRequestQueryModel;
import org.alfresco.rest.search.SearchNodeModel;
import org.alfresco.rest.search.SearchRequest;
import org.alfresco.rest.v0.RMRolesAndActionsAPI;
import org.alfresco.rest.v0.SearchAPI;
import org.alfresco.utility.Utility;
import org.alfresco.utility.data.DataUserAIS;
@@ -127,6 +128,10 @@ public class BaseRMRestTest extends RestTest
@Getter(value = PROTECTED)
private SearchAPI searchApi;
@Autowired
@Getter(PROTECTED)
private RMRolesAndActionsAPI rmRolesAndActionsV0API;
protected static final String iso8601_DateFormat = "yyyy-MM-dd'T'HH:mm:ss.SSSXXX";
/**

184
amps/ags/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/fileplans/FilePlanTests.java
View File

@@ -28,6 +28,7 @@ package org.alfresco.rest.rm.community.fileplans;
import static java.util.Arrays.asList;
import static com.google.common.collect.Sets.newHashSet;
import static org.springframework.http.HttpStatus.CONFLICT;
import static org.springframework.http.HttpStatus.CREATED;
import static org.springframework.http.HttpStatus.FORBIDDEN;
@@ -56,19 +57,27 @@ import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanCo
import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentType.UNFILED_CONTAINER_TYPE;
import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentType.UNFILED_RECORD_FOLDER_TYPE;
import static org.alfresco.rest.rm.community.model.user.UserPermissions.PERMISSION_FILING;
import static org.alfresco.rest.rm.community.model.user.UserRoles.IN_PLACE_READERS;
import static org.alfresco.rest.rm.community.model.user.UserRoles.IN_PLACE_WRITERS;
import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_ADMIN;
import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_MANAGER;
import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_POWER_USER;
import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_SECURITY_OFFICER;
import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_USER;
import static org.alfresco.utility.data.RandomData.getRandomAlphanumeric;
import static org.alfresco.utility.data.RandomData.getRandomName;
import java.util.ArrayList;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Set;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import org.alfresco.rest.rm.community.base.BaseRMRestTest;
import org.alfresco.rest.rm.community.base.DataProviderClass;
import org.alfresco.rest.rm.community.model.CapabilityModel;
import org.alfresco.rest.rm.community.model.fileplan.FilePlan;
import org.alfresco.rest.rm.community.model.fileplan.FilePlanProperties;
import org.alfresco.rest.rm.community.model.hold.Hold;
@@ -76,6 +85,9 @@ import org.alfresco.rest.rm.community.model.hold.HoldCollection;
import org.alfresco.rest.rm.community.model.recordcategory.RecordCategory;
import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryCollection;
import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryProperties;
import org.alfresco.rest.rm.community.model.role.Role;
import org.alfresco.rest.rm.community.model.role.RoleCollection;
import org.alfresco.rest.rm.community.model.user.UserCapabilities;
import org.alfresco.rest.rm.community.requests.gscore.api.RMSiteAPI;
import org.alfresco.utility.constants.ContainerName;
import org.alfresco.utility.model.UserModel;
@@ -87,6 +99,7 @@ import org.alfresco.utility.report.Bug;
* @author Rodica Sutu
* @since 2.6
*/
@SuppressWarnings("PMD.UnitTestShouldIncludeAssert")
public class FilePlanTests extends BaseRMRestTest
{
// ** Number of children (for children creation test) */
@@ -266,7 +279,7 @@ public class FilePlanTests extends BaseRMRestTest
* When I ask the API to create a root record category
* Then it is created as a root record category
* </pre>
*
*
* <pre>
* Given that a file plan exists
* When I use the API to create a folder (cm:folder type) into the fileplan
@@ -314,7 +327,7 @@ public class FilePlanTests extends BaseRMRestTest
* When I ask the API to create a root category having the same name
* Then the response code received is 409 - name clashes with an existing node
* </pre>
*
*
* <pre>
* Given a root category
* When I ask the API to create a root category having the same name with autoRename parameter on true
@@ -594,4 +607,171 @@ public class FilePlanTests extends BaseRMRestTest
}
});
}
/**
* <pre>
* Given that a file plan exists
* When rmAdmin user ask the API for roles
* It provides list of all default roles
* </pre>
*/
@Test
public void listFilePlanAllDefaultRoles()
{
List<String> defaultRolesDisplayNames = asList(IN_PLACE_READERS.displayName, ROLE_RM_ADMIN.displayName, ROLE_RM_MANAGER.displayName, ROLE_RM_POWER_USER.displayName, ROLE_RM_USER.displayName, IN_PLACE_WRITERS.displayName, ROLE_RM_SECURITY_OFFICER.displayName);
// Call to new API to get the roles and capabilities
RoleCollection roleCollection = getRestAPIFactory().getFilePlansAPI().getFilePlanRoles(FILE_PLAN_ALIAS);
assertStatusCode(OK);
roleCollection.getEntries().forEach(roleModelEntry -> {
Role role = roleModelEntry.getEntry();
assertTrue(defaultRolesDisplayNames.contains(role.getDisplayLabel()));
assertNotNull(role.getCapabilities());
});
}
/**
* <pre>
* Given that a file plan exists
* When rmAdmin user ask the API for roles with SystemRoles as false
* It provides list of all roles excluding SystemRoles
* </pre>
*/
@Test
public void listFilePlanAllRolesExcludeSystemRoles()
{
String parameters = "where=(systemRoles=false)";
List<String> systemRolesDisplayNames = asList(IN_PLACE_WRITERS.displayName, IN_PLACE_READERS.displayName);
// Call to new API to get the roles and capabilities
RoleCollection roleCollection = getRestAPIFactory().getFilePlansAPI().getFilePlanRoles(FILE_PLAN_ALIAS, parameters);
assertStatusCode(OK);
roleCollection.getEntries().forEach(roleModelEntry -> {
Role role = roleModelEntry.getEntry();
assertFalse(systemRolesDisplayNames.contains(role.getDisplayLabel()));
assertNotNull(role.getCapabilities());
});
}
/**
* <pre>
* Given that a file plan exists
* When a non-RM user asks the API for the roles
* Then the status code 403 (Permission denied) is return
* </pre>
*/
@Test
public void nonRmUserFilePlanRoles()
{
// Create a random user
UserModel nonRMuser = getDataUser().createRandomTestUser("testUser");
// Call to new API to get the roles and capabilities
getRestAPIFactory().getFilePlansAPI(nonRMuser).getFilePlanRoles(FILE_PLAN_ALIAS);
assertStatusCode(FORBIDDEN);
}
/**
* <pre>
* Given that a file plan exists
* When a RM_Manager user asks the API for the roles
* returns the RM_Manager role and capabilities
* </pre>
*/
@Test
public void rmManagerFilePlanRolesAndCapabilities()
{
// Create a random user
UserModel managerUser = getDataUser().createRandomTestUser("managerUser");
// Assign RecordsManager role to user
getRestAPIFactory().getRMUserAPI().assignRoleToUser(managerUser.getUsername(), ROLE_RM_MANAGER.roleId);
String parameters = "where=(personId='" + managerUser.getUsername() + "')";
// Call to new API to get the roles and capabilities
RoleCollection roleCollection = getRestAPIFactory().getFilePlansAPI(managerUser).getFilePlanRoles(FILE_PLAN_ALIAS, parameters);
roleCollection.getEntries().forEach(roleModelEntry -> {
Role role = roleModelEntry.getEntry();
assertEquals(ROLE_RM_MANAGER.displayName, role.getDisplayLabel());
assertNotNull(role.getCapabilities());
});
}
/**
* <pre>
* Given that a file plan exists
* When a User with more than one role asks the API for the roles and relation
* returns the roles and capabilities
* </pre>
*/
@Test
public void multipleRoleUserFilePlanRolesAndCapabilities()
{
// Create a random user
UserModel rmUser = getDataUser().createRandomTestUser("rmUser");
// Assign rmUser role to user
getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), ROLE_RM_USER.roleId);
getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), ROLE_RM_POWER_USER.roleId);
String parameters = "where=(personId='" + rmUser.getUsername() + "')";
// Call to new API to get the roles and capabilities
RoleCollection roleCollection = getRestAPIFactory().getFilePlansAPI(rmUser).getFilePlanRoles(FILE_PLAN_ALIAS, parameters);
assertStatusCode(OK);
assertEquals(roleCollection.getEntries().size(), 2);
roleCollection.getEntries().forEach(roleModelEntry -> {
Role role = roleModelEntry.getEntry();
assertTrue(role.getDisplayLabel().equals(ROLE_RM_USER.displayName) || role.getDisplayLabel().equals(ROLE_RM_POWER_USER.displayName));
assertNotNull(role.getCapabilities());
});
}
/**
* <pre>
* Given that a file plan exists
* When a new user with a new role asks the API for the roles and relation
* returns the new role and new capabilities
* </pre>
*/
@Test
public void newRoleUserFilePlanRolesAndCapabilities()
{
/** A list of capabilities. */
Set<String> newCapabilities = newHashSet(UserCapabilities.VIEW_RECORDS_CAP, UserCapabilities.DECLARE_RECORDS_CAP);
// Create a new role using old API
getRmRolesAndActionsV0API().createRole(getAdminUser().getUsername(), getAdminUser().getPassword(), "NewTestRole",
"New Role Label", newCapabilities);
// Create a random user
UserModel rmNewUser = getDataUser().createRandomTestUser("rmPowerUser");
// Assign New role to user
getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmNewUser.getUsername(), "NewTestRole");
String parameters = "where=(personId='" + rmNewUser.getUsername() + "')";
// Call to new API to get the roles and capabilities
RoleCollection roleCollection = getRestAPIFactory().getFilePlansAPI(rmNewUser).getFilePlanRoles(FILE_PLAN_ALIAS, parameters);
assertStatusCode(OK);
assertEquals(roleCollection.getEntries().size(), 1);
roleCollection.getEntries().forEach(roleModelEntry -> {
List<CapabilityModel> capabilities = roleModelEntry.getEntry().getCapabilities();
capabilities.forEach(capabilityModel -> {
assertTrue(newCapabilities.contains(capabilityModel.name()));
});
});
}
/**
* <pre>
* Given that a file plan exists
* When API call happens with Capability filter
* returns roles associated with the capability
* </pre>
*/
@Test
public void filePlanRolesAndCapabilitiesFilter()
{
String parameters = "where=(systemRoles=true and capabilityName in ('ManageRules'))";
// Call to new API to get the roles and capabilities, filter by capability, include assigned users
RoleCollection roleCollection = getRestAPIFactory().getFilePlansAPI().getFilePlanRoles(FILE_PLAN_ALIAS, parameters);
assertStatusCode(OK);
assertEquals(roleCollection.getEntries().size(), 1);
roleCollection.getEntries().forEach(roleModelEntry -> {
Role role = roleModelEntry.getEntry();
assertEquals(ROLE_RM_ADMIN.displayName, role.getDisplayLabel());
assertNotNull(role.getCapabilities());
});
}
}