inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

The check for whether a task can be updated has been loosened, means pooled tasks can now be claimed.

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21582 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Gavin Cornwell
2010-08-04 05:55:38 +00:00
parent a343197d68
commit eeff85b13a
2 changed files with 56 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
source/java/org/alfresco/repo/web/scripts/workflow/TaskInstancePut.java
View File

@@ -21,6 +21,7 @@ package org.alfresco.repo.web.scripts.workflow;
import java.io.IOException; import java.io.IOException;
import java.io.Serializable; import java.io.Serializable;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@@ -28,6 +29,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.alfresco.model.ContentModel; import org.alfresco.model.ContentModel;
import org.alfresco.repo.workflow.WorkflowModel;
import org.alfresco.service.cmr.dictionary.PropertyDefinition; import org.alfresco.service.cmr.dictionary.PropertyDefinition;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter; import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
@@ -64,34 +66,38 @@ public class TaskInstancePut extends AbstractWorkflowWebscript
WorkflowTask workflowTask = workflowService.getTaskById(taskId); WorkflowTask workflowTask = workflowService.getTaskById(taskId);
String currentUser = authenticationService.getCurrentUserName(); String currentUser = authenticationService.getCurrentUserName();
Serializable owner = workflowTask.getProperties().get(ContentModel.PROP_OWNER); Serializable owner = workflowTask.getProperties().get(ContentModel.PROP_OWNER);
Serializable initiator = getWorkflowInitiator(workflowTask); Serializable initiator = getWorkflowInitiator(workflowTask);
if (!(owner != null && currentUser.equals(owner) || initiator != null && currentUser.equals(initiator))) // if the the current user is the owner of the task, the initiator of the workflow
// or a member of the assigned pooled actors group, updating the task is allowed
if ((owner != null && currentUser.equals(owner)) ||
(initiator != null && currentUser.equals(initiator)) ||
isUserInPooledActors(workflowTask, currentUser))
{ {
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Failed to update workflow task with id: " + taskId);
}
// read request json // read request json
json = new JSONObject(new JSONTokener(req.getContent().getContent())); json = new JSONObject(new JSONTokener(req.getContent().getContent()));
// update task properties // update task properties
workflowTask = workflowService.updateTask(taskId, parseTaskProperties(json), null, null); workflowTask = workflowService.updateTask(taskId, parseTaskProperties(json), null, null);
// task was not founded -> return 404 // task was not found -> return 404
if (workflowTask == null) if (workflowTask == null)
{ {
throw new WebScriptException(HttpServletResponse.SC_NOT_FOUND, "Failed to find workflow task with id: " + taskId); throw new WebScriptException(HttpServletResponse.SC_NOT_FOUND, "Failed to find workflow task with id: " + taskId);
} }
Map<String, Object> model = new HashMap<String, Object>();
// build the model for ftl // build the model for ftl
Map<String, Object> model = new HashMap<String, Object>();
model.put("workflowTask", modelBuilder.buildDetailed(workflowTask)); model.put("workflowTask", modelBuilder.buildDetailed(workflowTask));
return model; return model;
} }
else
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Failed to update workflow task with id: " + taskId);
}
}
catch (IOException iox) catch (IOException iox)
{ {
throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not read content from request.", iox); throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not read content from request.", iox);
@@ -171,7 +177,7 @@ public class TaskInstancePut extends AbstractWorkflowWebscript
{ {
Serializable initiatorUserName = null; Serializable initiatorUserName = null;
NodeRef initiator = workflowTask.path.instance.initiator; NodeRef initiator = workflowTask.getPath().getInstance().getInitiator();
if (initiator != null) if (initiator != null)
{ {
@@ -180,4 +186,20 @@ public class TaskInstancePut extends AbstractWorkflowWebscript
return initiatorUserName; return initiatorUserName;
} }
private boolean isUserInPooledActors(WorkflowTask task, String currentUser)
{
boolean result = false;
Collection<?> actors = (Collection<?>)task.getProperties().get(WorkflowModel.ASSOC_POOLED_ACTORS);
if (actors != null && !actors.isEmpty())
{
// TODO: determine whether the user is in any of the groups, for now allow
// pooled tasks to be updated.
result = true;
}
return result;
}
} }

10
source/java/org/alfresco/repo/web/scripts/workflow/WorkflowRestApiTest.java
View File

@@ -269,10 +269,12 @@ public class WorkflowRestApiTest extends BaseWebScriptTest
jsonProperties.put(qnameToString(WorkflowModel.PROP_DESCRIPTION), "Edited description"); jsonProperties.put(qnameToString(WorkflowModel.PROP_DESCRIPTION), "Edited description");
jsonProperties.put(qnameToString(WorkflowModel.PROP_PRIORITY), 1); jsonProperties.put(qnameToString(WorkflowModel.PROP_PRIORITY), 1);
// test USER3 can not update the task
personManager.setUser(USER3); personManager.setUser(USER3);
Response unauthResponse = sendRequest(new PutRequest(URL_TASKS + "/" + startTask.id, jsonProperties.toString(), "application/json"), 401); Response unauthResponse = sendRequest(new PutRequest(URL_TASKS + "/" + startTask.id, jsonProperties.toString(), "application/json"), 401);
assertEquals(Status.STATUS_UNAUTHORIZED, unauthResponse.getStatus()); assertEquals(Status.STATUS_UNAUTHORIZED, unauthResponse.getStatus());
// test USER1 (the task owner) can update the task
personManager.setUser(USER1); personManager.setUser(USER1);
Response putResponse = sendRequest(new PutRequest(URL_TASKS + "/" + startTask.id, jsonProperties.toString(), "application/json"), 200); Response putResponse = sendRequest(new PutRequest(URL_TASKS + "/" + startTask.id, jsonProperties.toString(), "application/json"), 200);
@@ -285,6 +287,14 @@ public class WorkflowRestApiTest extends BaseWebScriptTest
JSONObject editedJsonProperties = result.getJSONObject("properties"); JSONObject editedJsonProperties = result.getJSONObject("properties");
compareProperties(jsonProperties, editedJsonProperties); compareProperties(jsonProperties, editedJsonProperties);
// get the next task where USER2 is the owner
workflowService.endTask(startTask.id, null);
List<WorkflowPath> paths = workflowService.getWorkflowPaths(adhocPath.getInstance().getId());
WorkflowTask nextTask = workflowService.getTasksForWorkflowPath(paths.get(0).getId()).get(0);
// make sure USER1 (the workflow initiator) can update
putResponse = sendRequest(new PutRequest(URL_TASKS + "/" + nextTask.id, jsonProperties.toString(), "application/json"), 200);
} }
public void testWorkflowDefinitionsGet() throws Exception public void testWorkflowDefinitionsGet() throws Exception