inteligr8/alfresco-ng2-components
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-ng2-components.git synced 2025-07-24 17:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

[ADF-2671] added permission check on permissions (#3521)

Browse Source 
* [ADF-2671] start adding permission check for changing permissions

* [ADF-2671] added permission check for inherit button and permission dialog

* [ADF-2671] added permission check for inherit button and permission dialog

* [ADF-2671] start fixing and adding test for new permission check

* ]
[ADF-2671] improved check for node-permission directive

* [ADF-2671] fixed and added more test for permission on permissions

* [ADF-2671] reverting change on node-permission directive

* [ADF-2671] fixing test for permission check
This commit is contained in:
Vito
2018-06-27 15:15:57 +01:00
committed by Eugenio Romano
parent 7563f91665
commit 9fef181155
8 changed files with 170 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/content-services/i18n/en.json
View File

@@ -283,7 +283,8 @@
"EVERYONE" : "EVERYONE"
},
"ERROR": {
"DUPLICATE-PERMISSION": "One or more of the permissions you have set is already present : {{list}}"
"DUPLICATE-PERMISSION": "One or more of the permissions you have set is already present : {{list}}",
"NOT-ALLOWED": "You are not allowed to change permissions"
}
}
}

2
lib/content-services/permission-manager/components/add-permission/add-permission.component.html
View File

@@ -5,7 +5,7 @@
<button mat-button
id="adf-add-permission-action-button"
class="adf-permission-action"
[disabled]="selectedItems?.length === 0"
[disabled]="!isAddEnabled()"
(click)="applySelection()">
{{'PERMISSION_MANAGER.ADD-PERMISSION.ADD-ACTION' | translate}}
</button>

36
lib/content-services/permission-manager/components/add-permission/add-permission.component.spec.ts
View File

@@ -19,7 +19,7 @@ import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { AddPermissionComponent } from './add-permission.component';
import { AddPermissionPanelComponent } from './add-permission-panel.component';
import { By } from '@angular/platform-browser';
import { setupTestBed } from '@alfresco/adf-core';
import { setupTestBed, NodesApiService } from '@alfresco/adf-core';
import { Observable } from 'rxjs/Observable';
import { fakeAuthorityResults } from '../../../mock/add-permission.component.mock';
import { ContentTestingModule } from '../../../testing/content.testing.module';
@@ -30,6 +30,7 @@ describe('AddPermissionComponent', () => {
let fixture: ComponentFixture<AddPermissionComponent>;
let element: HTMLElement;
let nodePermissionService: NodePermissionService;
let nodeApiService: NodesApiService;
setupTestBed({
imports: [
@@ -38,6 +39,8 @@ describe('AddPermissionComponent', () => {
});
beforeEach(() => {
nodeApiService = TestBed.get(NodesApiService);
spyOn(nodeApiService, 'getNode').and.returnValue(Observable.of({ id: 'fake-node', allowableOperations: ['updatePermissions']}));
fixture = TestBed.createComponent(AddPermissionComponent);
element = fixture.nativeElement;
nodePermissionService = TestBed.get(NodePermissionService);
@@ -67,12 +70,24 @@ describe('AddPermissionComponent', () => {
});
}));
it('should emit a success event when the node is updated', async(() => {
it('should NOT enable the ADD button when a selection is sent but the user does not have the permissions', async(() => {
const addPermissionPanelComponent: AddPermissionPanelComponent = fixture.debugElement.query(By.directive(AddPermissionPanelComponent)).componentInstance;
addPermissionPanelComponent.select.emit(fakeAuthorityResults);
fixture.componentInstance.currentNode = {id: 'fake-node-id'};
fixture.whenStable().then(() => {
fixture.detectChanges();
const addButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#adf-add-permission-action-button');
expect(addButton.disabled).toBeTruthy();
});
}));
it('should emit a success event when the node is updated', (done) => {
fixture.componentInstance.selectedItems = fakeAuthorityResults;
spyOn(nodePermissionService, 'updateNodePermissions').and.returnValue(Observable.of({ id: 'fake-node-id'}));
fixture.componentInstance.success.subscribe((node) => {
expect(node.id).toBe('fake-node-id');
done();
});
fixture.detectChanges();
@@ -81,14 +96,25 @@ describe('AddPermissionComponent', () => {
const addButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#adf-add-permission-action-button');
addButton.click();
});
}));
});
it('should emit an error event when the node update fail', async(() => {
it('should NOT emit a success event when the user does not have permission to update the node', () => {
fixture.componentInstance.selectedItems = fakeAuthorityResults;
fixture.componentInstance.currentNode = { id: 'fake-node-id' };
spyOn(nodePermissionService, 'updateNodePermissions').and.returnValue(Observable.of({ id: 'fake-node-id' }));
let spySuccess = spyOn(fixture.componentInstance, 'success');
fixture.componentInstance.applySelection();
expect(spySuccess).not.toHaveBeenCalled();
});
it('should emit an error event when the node update fail', (done) => {
fixture.componentInstance.selectedItems = fakeAuthorityResults;
spyOn(nodePermissionService, 'updateNodePermissions').and.returnValue(Observable.throw({ error: 'errored'}));
fixture.componentInstance.error.subscribe((error) => {
expect(error.error).toBe('errored');
done();
});
fixture.detectChanges();
@@ -97,6 +123,6 @@ describe('AddPermissionComponent', () => {
const addButton: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#adf-add-permission-action-button');
addButton.click();
});
}));
});
});

13
lib/content-services/permission-manager/components/add-permission/add-permission.component.ts
View File

@@ -18,6 +18,7 @@
import { Component, ViewEncapsulation, EventEmitter, Input, Output } from '@angular/core';
import { MinimalNodeEntity, MinimalNodeEntryEntity } from 'alfresco-js-api';
import { NodePermissionService } from '../../services/node-permission.service';
import { NodesApiService, ContentService, PermissionsEnum } from '@alfresco/adf-core';
@Component({
selector: 'adf-add-permission',
@@ -43,14 +44,23 @@ export class AddPermissionComponent {
currentNode: MinimalNodeEntryEntity;
currentNodeRoles: string[];
constructor(private nodePermissionService: NodePermissionService) {
constructor(private nodePermissionService: NodePermissionService,
private nodeApiService: NodesApiService,
private contentService: ContentService) {
this.nodeApiService.getNode(this.nodeId).subscribe((node) => this.currentNode = node);
}
onSelect(selection: MinimalNodeEntity[]) {
this.selectedItems = selection;
}
isAddEnabled(): boolean {
return this.contentService.hasPermission(this.currentNode, PermissionsEnum.UPDATEPERMISSIONS) &&
this.selectedItems.length !== 0;
}
applySelection() {
if (this.contentService.hasPermission(this.currentNode, PermissionsEnum.UPDATEPERMISSIONS)) {
this.nodePermissionService.updateNodePermissions(this.nodeId, this.selectedItems)
.subscribe(
(node) => {
@@ -60,5 +70,6 @@ export class AddPermissionComponent {
this.error.emit(error);
});
}
}
}

20
lib/content-services/permission-manager/components/inherited-button.directive.spec.ts
View File

@@ -21,8 +21,9 @@ import { InheritPermissionDirective } from './inherited-button.directive';
import { NodesApiService, setupTestBed, CoreModule } from '@alfresco/adf-core';
import { Observable } from 'rxjs/Observable';
const fakeNodeWithInherit: any = { id: 'fake-id', permissions : {isInheritanceEnabled : true}};
const fakeNodeNoInherit: any = { id: 'fake-id', permissions : {isInheritanceEnabled : false}};
const fakeNodeWithInherit: any = { id: 'fake-id', permissions : {isInheritanceEnabled : true}, allowableOperations: ['updatePermissions']};
const fakeNodeNoInherit: any = { id: 'fake-id', permissions : {isInheritanceEnabled : false}, allowableOperations: ['updatePermissions']};
const fakeNodeWithInheritNoPermission: any = { id: 'fake-id', permissions : {isInheritanceEnabled : true}};
describe('InheritPermissionDirective', () => {
@@ -95,4 +96,19 @@ describe('InheritPermissionDirective', () => {
});
}));
it('should not update the node when node has no permission', async(() => {
spyOn(nodeService, 'getNode').and.returnValue(Observable.of(fakeNodeWithInheritNoPermission));
let spyUpdateNode = spyOn(nodeService, 'updateNode');
component.updatedNode = true;
fixture.detectChanges();
const buttonPermission: HTMLButtonElement = <HTMLButtonElement> element.querySelector('#sample-button-permission');
expect(buttonPermission).not.toBeNull();
expect(element.querySelector('#update-notification')).not.toBeNull();
buttonPermission.click();
fixture.detectChanges();
fixture.whenStable().then(() => {
expect(spyUpdateNode).not.toHaveBeenCalled();
});
}));
});

9
lib/content-services/permission-manager/components/inherited-button.directive.ts
View File

@@ -17,7 +17,7 @@
/* tslint:disable:no-input-rename */
import { Directive, Input, Output, EventEmitter } from '@angular/core';
import { NodesApiService } from '@alfresco/adf-core';
import { NodesApiService, ContentService, PermissionsEnum } from '@alfresco/adf-core';
import { MinimalNodeEntryEntity } from 'alfresco-js-api';
@Directive({
@@ -38,15 +38,20 @@ export class InheritPermissionDirective {
@Output()
error: EventEmitter<any> = new EventEmitter<any>();
constructor(private nodeService: NodesApiService) {
constructor(private nodeService: NodesApiService,
private contentService: ContentService) {
}
onInheritPermissionClicked() {
this.nodeService.getNode(this.nodeId).subscribe((node: MinimalNodeEntryEntity) => {
if (this.contentService.hasPermission(node, PermissionsEnum.UPDATEPERMISSIONS)) {
const nodeBody = { permissions: { isInheritanceEnabled: !node.permissions.isInheritanceEnabled } };
this.nodeService.updateNode(this.nodeId, nodeBody, { include: ['permissions'] }).subscribe((nodeUpdated: MinimalNodeEntryEntity) => {
this.updated.emit(nodeUpdated);
}, (error) => this.error.emit(error));
} else {
this.error.emit('PERMISSION_MANAGER.ERROR.NOT-ALLOWED');
}
});
}

59
lib/content-services/permission-manager/services/node-permission-dialog.service.spec.ts
View File

@@ -16,13 +16,14 @@
*/
import { TestBed, async } from '@angular/core/testing';
import { AppConfigService, setupTestBed } from '@alfresco/adf-core';
import { AppConfigService, setupTestBed, ContentService } from '@alfresco/adf-core';
import { NodePermissionDialogService } from './node-permission-dialog.service';
import { MatDialog } from '@angular/material';
import { Observable } from 'rxjs/Observable';
import { Subject } from 'rxjs/Subject';
import { ContentTestingModule } from '../../testing/content.testing.module';
import { NodePermissionService } from './node-permission.service';
import { Node } from 'alfresco-js-api';
describe('NodePermissionDialogService', () => {
@@ -31,6 +32,7 @@ describe('NodePermissionDialogService', () => {
let spyOnDialogOpen: jasmine.Spy;
let afterOpenObservable: Subject<any>;
let nodePermissionService: NodePermissionService;
let contentService: ContentService;
setupTestBed({
imports: [ContentTestingModule],
@@ -44,6 +46,7 @@ describe('NodePermissionDialogService', () => {
materialDialog = TestBed.get(MatDialog);
afterOpenObservable = new Subject<any>();
nodePermissionService = TestBed.get(NodePermissionService);
contentService = TestBed.get(ContentService);
spyOnDialogOpen = spyOn(materialDialog, 'open').and.returnValue({
afterOpen: () => afterOpenObservable,
afterClosed: () => Observable.of({}),
@@ -57,27 +60,65 @@ describe('NodePermissionDialogService', () => {
expect(service).not.toBeNull();
});
describe('when node has permission to update permissions', () => {
let fakePermissionNode = {};
beforeEach(() => {
fakePermissionNode = <Node> { id: 'fake-permission-node', allowableOperations: ['updatePermissions']};
});
it('should be able to open the dialog showing node permissions', () => {
service.openAddPermissionDialog('fake-node-id', 'fake-title');
service.openAddPermissionDialog(fakePermissionNode, 'fake-title');
expect(spyOnDialogOpen).toHaveBeenCalled();
});
it('should throw an error if the update of the node fails', async(() => {
it('should return the updated node', (done) => {
spyOn(nodePermissionService, 'updateNodePermissions').and.returnValue(Observable.of({id : 'fake-node-updated'}));
spyOn(service, 'openAddPermissionDialog').and.returnValue(Observable.of({}));
spyOn(contentService, 'getNode').and.returnValue(Observable.of(fakePermissionNode));
service.updateNodePermissionByDialog('fake-node-id', 'fake-title').subscribe((node) => {
expect(node.id).toBe('fake-node-updated');
done();
});
});
it('should throw an error if the update of the node fails', (done) => {
spyOn(nodePermissionService, 'updateNodePermissions').and.returnValue(Observable.throw({error : 'error'}));
spyOn(service, 'openAddPermissionDialog').and.returnValue(Observable.of({}));
spyOn(contentService, 'getNode').and.returnValue(Observable.of(fakePermissionNode));
service.updateNodePermissionByDialog('fake-node-id', 'fake-title').subscribe(() => {
Observable.throw('This call should fail');
}, (error) => {
expect(error.error).toBe('error');
done();
});
});
});
}));
it('should return the updated node', async(() => {
spyOn(nodePermissionService, 'updateNodePermissions').and.returnValue(Observable.of({id : 'fake-node'}));
spyOn(service, 'openAddPermissionDialog').and.returnValue(Observable.of({}));
describe('when node does not have permission to update permissions', () => {
let fakeForbiddenNode = {};
beforeEach(() => {
fakeForbiddenNode = <Node> { id: 'fake-permission-node', allowableOperations: ['update']};
});
it('should not be able to open the dialog showing node permissions', () => {
service.openAddPermissionDialog(fakeForbiddenNode, 'fake-title');
expect(spyOnDialogOpen).not.toHaveBeenCalled();
});
it('should return the updated node', (done) => {
spyOn(contentService, 'getNode').and.returnValue(Observable.of(fakeForbiddenNode));
service.updateNodePermissionByDialog('fake-node-id', 'fake-title').subscribe((node) => {
expect(node.id).toBe('fake-node');
Observable.throw('This call should fail');
},
(error) => {
expect(error.message).toBe('PERMISSION_MANAGER.ERROR.NOT-ALLOWED');
done();
});
});
}));
});
});

22
lib/content-services/permission-manager/services/node-permission-dialog.service.ts
View File

@@ -21,14 +21,16 @@ import { Subject } from 'rxjs/Subject';
import { Observable } from 'rxjs/Observable';
import { AddPermissionDialogComponent } from '../components/add-permission/add-permission-dialog.component';
import { AddPermissionDialogData } from '../components/add-permission/add-permission-dialog-data.interface';
import { MinimalNodeEntity, MinimalNodeEntryEntity } from 'alfresco-js-api';
import { MinimalNodeEntity, MinimalNodeEntryEntity, Node } from 'alfresco-js-api';
import { NodePermissionService } from './node-permission.service';
import { ContentService, PermissionsEnum } from '@alfresco/adf-core';
@Injectable()
export class NodePermissionDialogService {
constructor(private dialog: MatDialog,
private nodePermissionService: NodePermissionService) {
private nodePermissionService: NodePermissionService,
private contentService: ContentService) {
}
/**
@@ -37,7 +39,8 @@ export class NodePermissionDialogService {
* @param title Dialog title
* @returns Node with updated permissions
*/
openAddPermissionDialog(nodeId: string, title?: string): Observable<MinimalNodeEntity[]> {
openAddPermissionDialog(node: Node, title?: string): Observable<MinimalNodeEntity[]> {
if (this.contentService.hasPermission(node, PermissionsEnum.UPDATEPERMISSIONS)) {
const confirm = new Subject<MinimalNodeEntity[]>();
confirm.subscribe({
@@ -45,13 +48,18 @@ export class NodePermissionDialogService {
});
const data: AddPermissionDialogData = {
nodeId: nodeId,
nodeId: node.id,
title: title,
confirm : confirm
confirm: confirm
};
this.openDialog(data, 'adf-add-permission-dialog', '630px');
return confirm;
} else {
let errors = new Error(JSON.stringify({ error: { statusCode: 403 } }));
errors.message = 'PERMISSION_MANAGER.ERROR.NOT-ALLOWED';
return Observable.throw(errors);
}
}
private openDialog(data: any, currentPanelClass: string, chosenWidth: string) {
@@ -72,8 +80,10 @@ export class NodePermissionDialogService {
* @returns Node with updated permissions
*/
updateNodePermissionByDialog(nodeId?: string, title?: string): Observable<MinimalNodeEntryEntity> {
return this.openAddPermissionDialog(nodeId, title).switchMap((selection) => {
return this.contentService.getNode(nodeId, { include: ['allowableOperations'] }).switchMap((node) => {
return this.openAddPermissionDialog(node.entry, title).switchMap((selection) => {
return this.nodePermissionService.updateNodePermissions(nodeId, selection);
});
});
}
}