Added permission check on documentlist action menu (#1832)

* #ADF-166 - add permissin check on folder creation

* #ADF-166 - removed wrong pushed change

* #ADF-166 - improved permission check

* #ADF-166 - added test for menu action permission check

* #ADF-166 upgraded disabled attribute to match all the browsers

* #ADF-166 added peer review changes

* #ADF-166 added some little code improvements

ng2-components/ng2-alfresco-documentlist/src/components/document-menu-action.component.spec.ts

@@ -16,9 +16,11 @@
  */
 
 import { async, ComponentFixture, TestBed } from '@angular/core/testing';
+import { SimpleChange } from '@angular/core';
 import {
     AlfrescoAuthenticationService,
     AlfrescoSettingsService,
+    AlfrescoTranslationService,
     AlfrescoApiService,
     CoreModule,
     LogService
@@ -28,6 +30,56 @@ import { DocumentMenuActionComponent } from './document-menu-action.component';
 
 declare let jasmine: any;
 
+let exampleFolderWithCreate = {
+    'entry': {
+        'aspectNames': ['cm:auditable'],
+        'allowableOperations': ['create'],
+        'createdAt': '2017-04-03T11:34:35.708+0000',
+        'isFolder': true,
+        'isFile': false,
+        'createdByUser': { 'id': 'admin', 'displayName': 'Administrator' },
+        'modifiedAt': '2017-04-03T11:34:35.708+0000',
+        'modifiedByUser': { 'id': 'admin', 'displayName': 'Administrator' },
+        'name': 'test-folder2',
+        'id': 'c0284dc3-841d-48b2-955c-bcb2218e2b03',
+        'nodeType': 'cm:folder',
+        'parentId': '1ee81bf8-52d6-4cfc-a924-1efbc79306bf'
+    }
+};
+
+let exampleFolderWithPermissions = {
+    'entry': {
+        'aspectNames': ['cm:auditable'],
+        'allowableOperations': ['check'],
+        'createdAt': '2017-04-03T11:34:35.708+0000',
+        'isFolder': true,
+        'isFile': false,
+        'createdByUser': { 'id': 'admin', 'displayName': 'Administrator' },
+        'modifiedAt': '2017-04-03T11:34:35.708+0000',
+        'modifiedByUser': { 'id': 'admin', 'displayName': 'Administrator' },
+        'name': 'test-folder2',
+        'id': 'c0284dc3-841d-48b2-955c-bcb2218e2b03',
+        'nodeType': 'cm:folder',
+        'parentId': '1ee81bf8-52d6-4cfc-a924-1efbc79306bf'
+    }
+};
+
+let exampleFolderWithNoOperations = {
+    'entry': {
+        'aspectNames': ['cm:auditable'],
+        'createdAt': '2017-04-03T11:34:35.708+0000',
+        'isFolder': true,
+        'isFile': false,
+        'createdByUser': { 'id': 'admin', 'displayName': 'Administrator' },
+        'modifiedAt': '2017-04-03T11:34:35.708+0000',
+        'modifiedByUser': { 'id': 'admin', 'displayName': 'Administrator' },
+        'name': 'test-folder2',
+        'id': 'c0284dc3-841d-48b2-955c-bcb2218e2b03',
+        'nodeType': 'cm:folder',
+        'parentId': '1ee81bf8-52d6-4cfc-a924-1efbc79306bf'
+    }
+};
+
 describe('Document menu action', () => {
 
     let component: DocumentMenuActionComponent;
@@ -50,6 +102,9 @@ describe('Document menu action', () => {
         });
 
         TestBed.compileComponents();
+
+        let translateService = TestBed.get(AlfrescoTranslationService);
+        spyOn(translateService, 'get').and.returnValue({ value: 'fake translated message' });
     }));
 
     beforeEach(() => {
@@ -69,7 +124,7 @@ describe('Document menu action', () => {
     describe('Folder creation', () => {
 
         it('should createFolder fire a success event if the folder has been created', (done) => {
-
+            component.allowableOperations = ['create'];
             component.showDialog();
 
             component.createFolder('test-folder');
@@ -81,26 +136,12 @@ describe('Document menu action', () => {
             jasmine.Ajax.requests.mostRecent().respondWith({
                 status: 200,
                 contentType: 'application/json',
-                responseText: JSON.stringify({
-                    'entry': {
-                        'aspectNames': ['cm:auditable'],
-                        'createdAt': '2017-04-03T11:34:35.708+0000',
-                        'isFolder': true,
-                        'isFile': false,
-                        'createdByUser': {'id': 'admin', 'displayName': 'Administrator'},
-                        'modifiedAt': '2017-04-03T11:34:35.708+0000',
-                        'modifiedByUser': {'id': 'admin', 'displayName': 'Administrator'},
-                        'name': 'test-folder2',
-                        'id': 'c0284dc3-841d-48b2-955c-bcb2218e2b03',
-                        'nodeType': 'cm:folder',
-                        'parentId': '1ee81bf8-52d6-4cfc-a924-1efbc79306bf'
-                    }
-                })
+                responseText: JSON.stringify(exampleFolderWithCreate)
             });
         });
 
         it('should createFolder fire an error event if the folder has not been created', (done) => {
-
+            component.allowableOperations = ['create'];
             component.showDialog();
 
             component.createFolder('test-folder');
@@ -113,5 +154,118 @@ describe('Document menu action', () => {
                 status: 403
             });
         });
+
+        it('should createFolder fire an error when folder already exists', (done) => {
+            component.allowableOperations = ['create'];
+            component.showDialog();
+
+            component.createFolder('test-folder');
+
+            component.error.subscribe((err) => {
+                expect(err.message).toEqual('fake translated message');
+                done();
+            });
+
+            jasmine.Ajax.requests.mostRecent().respondWith({
+                status: 403,
+                responseText: JSON.stringify({ message: 'Fake folder exists', error: { statusCode: 409 } })
+            });
+        });
+    });
+
+    describe('Check Permissions', () => {
+
+        it('should get the folder permission when folderId is changed', async(() => {
+            let change = new SimpleChange('folder-id', 'new-folder-id');
+            component.ngOnChanges({ 'folderId': change });
+
+            jasmine.Ajax.requests.mostRecent().respondWith({
+                status: 200,
+                contentType: 'application/json',
+                responseText: JSON.stringify(exampleFolderWithCreate)
+            });
+
+            fixture.whenStable().then(() => {
+                fixture.detectChanges();
+                let createButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#folder-create-button');
+                expect(createButton).toBeDefined();
+                expect(component.allowableOperations).toBeDefined();
+                expect(component.allowableOperations).not.toBeNull();
+                expect(createButton.disabled).toBeFalsy();
+            });
+        }));
+
+        it('should disable the create button if folder does not have any allowable operations', async(() => {
+            let change = new SimpleChange('folder-id', 'new-folder-id');
+            component.ngOnChanges({ 'folderId': change });
+
+            jasmine.Ajax.requests.mostRecent().respondWith({
+                status: 200,
+                contentType: 'application/json',
+                responseText: JSON.stringify(exampleFolderWithNoOperations)
+            });
+            fixture.detectChanges();
+            fixture.whenStable().then(() => {
+                fixture.detectChanges();
+                let createButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#folder-create-button');
+                expect(createButton).toBeDefined();
+                expect(createButton.disabled).toBeTruthy();
+            });
+        }));
+
+        it('should disable the create button if folder does not have create permission', async(() => {
+            let change = new SimpleChange('folder-id', 'new-folder-id');
+            component.ngOnChanges({ 'folderId': change });
+
+            jasmine.Ajax.requests.mostRecent().respondWith({
+                status: 200,
+                contentType: 'application/json',
+                responseText: JSON.stringify(exampleFolderWithPermissions)
+            });
+            fixture.detectChanges();
+            fixture.whenStable().then(() => {
+                fixture.detectChanges();
+                let createButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#folder-create-button');
+                expect(createButton).toBeDefined();
+                expect(createButton.disabled).toBeTruthy();
+            });
+        }));
+
+        it('should not disable the option when disableWithNoPermission is false', async(() => {
+            component.disableWithNoPermission = false;
+            let change = new SimpleChange('folder-id', 'new-folder-id');
+            component.ngOnChanges({ 'folderId': change });
+
+            jasmine.Ajax.requests.mostRecent().respondWith({
+                status: 200,
+                contentType: 'application/json',
+                responseText: JSON.stringify(exampleFolderWithNoOperations)
+            });
+
+            fixture.whenStable().then(() => {
+                fixture.detectChanges();
+                let createButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#folder-create-button');
+                expect(createButton).toBeDefined();
+                expect(createButton.disabled).toBeFalsy();
+            });
+        }));
+
+        it('should emit permission event error when user does not have create permission', async(() => {
+            let change = new SimpleChange('folder-id', 'new-folder-id');
+            component.ngOnChanges({ 'folderId': change });
+
+            jasmine.Ajax.requests.mostRecent().respondWith({
+                status: 200,
+                contentType: 'application/json',
+                responseText: JSON.stringify(exampleFolderWithNoOperations)
+            });
+
+            component.permissionErrorEvent.subscribe((error) => {
+                expect(error.type).toEqual('folder');
+                expect(error.action).toEqual('create');
+            });
+            component.showDialog();
+            component.createFolder('not-allowed');
+        }));
     });
 });