RM-2123 Give clearance to the admin and system users.

Make sure this is executed as a patch and also bootstrapped into a clean system using the BootstrapImporterModuleComponent. Also restrict access to the classification levels (via the get API) to only the levels that the user has clearance to. +review RM git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104376 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2015-05-18 15:03:59 +00:00
parent 24780dc472
commit f03e36ee91
12 changed files with 286 additions and 44 deletions
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponentUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponentUnitTest.java
@@ -34,7 +34,7 @@ import org.mockito.Mock;

 /**
 * Bootstrap importer module component unit test
- * 
+ *
 * @author Roy Wetherall
 * @since 2.3
 */
@@ -42,16 +42,17 @@ public class BootstrapImporterModuleComponentUnitTest extends BaseUnitTest
 {
    /** RM config node */
    private static final NodeRef configNodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, "rm_config_folder");
-    
+
    /** mocks */
-    @Mock(name="importer")                                  private ImporterBootstrap                           mockedImporter;
-    @Mock(name="modulePatchExecuter")                       private ModulePatchExecuter                         mockedModulePatchExecuter;
-    @Mock(name="recordContributorsGroupBootstrapComponent") private RecordContributorsGroupBootstrapComponent   mockedRecordContributorsGroupBootstrapComponent;
-    
+    @Mock(name="importer")                                    private ImporterBootstrap                           mockedImporter;
+    @Mock(name="modulePatchExecuter")                         private ModulePatchExecuter                         mockedModulePatchExecuter;
+    @Mock(name="recordContributorsGroupBootstrapComponent")   private RecordContributorsGroupBootstrapComponent   mockedRecordContributorsGroupBootstrapComponent;
+    @Mock(name="clearancesForSpecialUsersBootstrapComponent") private ClearancesForSpecialUsersBootstrapComponent mockedClearancesForSpecialUsersBootstrapComponent;
+
    /** importer */
    @InjectMocks
    private BootstrapImporterModuleComponent importer;
-    
+
    /**
     * Given that the system has already been bootstraped
     * When I try and boostrap the system
@@ -62,16 +63,16 @@ public class BootstrapImporterModuleComponentUnitTest extends BaseUnitTest
    {
        // config node exists
        doReturn(true).when(mockedNodeService).exists(configNodeRef);
-        
+
        // boostrap
        importer.executeInternal();
-        
+
        // not bootstraped
        verify(mockedImporter, never()).bootstrap();
        verify(mockedModulePatchExecuter, never()).initSchemaVersion();
        verify(mockedRecordContributorsGroupBootstrapComponent, never()).createRecordContributorsGroup();
    }
-    
+
    /**
     * Given that the system has not been bootstraped
     * When I try and bootstrap the system
@@ -82,13 +83,13 @@ public class BootstrapImporterModuleComponentUnitTest extends BaseUnitTest
    {
        // config node does not exist
        doReturn(false).when(mockedNodeService).exists(configNodeRef);
-        
+
        // boostrap
        importer.executeInternal();
-        
+
        // not bootstraped
        verify(mockedImporter, times(1)).bootstrap();
        verify(mockedModulePatchExecuter, times(1)).initSchemaVersion();
-        verify(mockedRecordContributorsGroupBootstrapComponent, times(1)).createRecordContributorsGroup();        
+        verify(mockedRecordContributorsGroupBootstrapComponent, times(1)).createRecordContributorsGroup();
    }
 }
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponentUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponentUnitTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.bootstrap;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevel;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevelManager;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceBootstrap;
+import org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel;
+import org.alfresco.module.org_alfresco_module_rm.util.AuthenticationUtil;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.security.PersonService;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+
+/**
+ * Unit tests for {@link ClearancesForSpecialUsersBootstrapComponent}.
+ *
+ * @author tpage
+ */
+public class ClearancesForSpecialUsersBootstrapComponentUnitTest implements ClassifiedContentModel
+{
+    @InjectMocks ClearancesForSpecialUsersBootstrapComponent clearancesForSpecialUsersBootstrapComponent;
+    @Mock AuthenticationUtil mockAuthenticationUtil;
+    @Mock PersonService mockPersonService;
+    @Mock NodeService mockNodeService;
+    @Mock ClassificationServiceBootstrap mockClassificationServiceBootstrap;
+
+    @Before public void setUp()
+    {
+        initMocks(this);
+    }
+
+    /** Check that the system and admin users get assigned the provided clearance. */
+    @Test public void testCreateClearancesForSpecialUsers()
+    {
+        // Allow the classification level id to be found.
+        ClassificationLevel level = new ClassificationLevel("id", "displayLabelKey");
+        ClassificationLevelManager mockClassificationLevelManager = mock(ClassificationLevelManager.class);
+        when(mockClassificationLevelManager.getMostSecureLevel()).thenReturn(level);
+        when(mockClassificationServiceBootstrap.getClassificationLevelManager()).thenReturn(mockClassificationLevelManager);
+
+        // Set up the admin and system users.
+        when(mockAuthenticationUtil.getSystemUserName()).thenReturn("system");
+        NodeRef system = new NodeRef("system://node/");
+        when(mockPersonService.getPerson("system")).thenReturn(system);
+        when(mockAuthenticationUtil.getAdminUserName()).thenReturn("admin");
+        NodeRef admin = new NodeRef("admin://node/");
+        when(mockPersonService.getPerson("admin")).thenReturn(admin);
+
+        // Call the method under test.
+        clearancesForSpecialUsersBootstrapComponent.createClearancesForSpecialUsers();
+
+        verify(mockNodeService).setProperty(system, PROP_CLEARANCE_LEVEL, "id");
+        verify(mockNodeService).setProperty(admin, PROP_CLEARANCE_LEVEL, "id");
+        // Check that the classification levels were loaded.
+        verify(mockClassificationServiceBootstrap).onBootstrap(null);
+    }
+}