use of org.alfresco.rest.api.model.NodePermissions in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdatePermissionsDefaultInheritFromParent.
/**
* Test default inherit from parent
*
* @throws Exception
*/
private void testUpdatePermissionsDefaultInheritFromParent() throws Exception {
// create folder
Folder folder = new Folder();
folder.setName("testFolder" + GUID.generate());
folder.setNodeType(TYPE_CM_FOLDER);
// set permissions on previously created folder
NodePermissions nodePermissions = new NodePermissions();
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.EDITOR, AccessStatus.DENIED.toString()));
nodePermissions.setLocallySet(locallySetPermissions);
folder.setPermissions(nodePermissions);
HttpResponse response = post(getNodeChildrenUrl(Nodes.PATH_MY), RestApiUtil.toJsonAsStringNonNull(folder), 201);
Folder f = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
// create a new document in testFolder
String docId = createDocument(getNodeChildrenUrl(f.getId()));
Map params = new HashMap<>();
params.put("include", "permissions");
response = getSingle(NodesEntityResource.class, docId, params, 200);
Document docResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertTrue("Inheritance hasn't been enabled!", docResp.getPermissions().getIsInheritanceEnabled());
assertTrue("Permissions were not inherited from parent!", docResp.getPermissions().getInherited().size() > 0);
}
use of org.alfresco.rest.api.model.NodePermissions in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdatePermissionInvalidName.
/**
* Test attempt to set permission with an invalid name
*
* @throws Exception
*/
private void testUpdatePermissionInvalidName() throws Exception {
// create folder with an empty document
String postUrl = createFolder();
String dId = createDocument(postUrl);
// update permissions
Document dUpdate = new Document();
NodePermissions nodePermissions = new NodePermissions();
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, "InvalidName", AccessStatus.DENIED.toString()));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// "Cannot set permissions on this node - unknown permission name:
// InvalidName"
put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 400);
}
use of org.alfresco.rest.api.model.NodePermissions in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdatePermissionInvalidAccessStatus.
/**
* Test attempt to set permission with an invalid access status
*
* @throws Exception
*/
private void testUpdatePermissionInvalidAccessStatus() throws Exception {
// create folder with an empty document
String postUrl = createFolder();
String dId = createDocument(postUrl);
// update permissions
Document dUpdate = new Document();
NodePermissions nodePermissions = new NodePermissions();
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.CONSUMER, "InvalidAccessLevel"));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// "Cannot set permissions on this node - unknown access status:
// InvalidName"
put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 400);
}
use of org.alfresco.rest.api.model.NodePermissions in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdatePermissionsOnNode.
/**
* Test update permission on a node
*
* @throws Exception
*/
private void testUpdatePermissionsOnNode() throws Exception {
// create folder with an empty document
String postUrl = createFolder();
String dId = createDocument(postUrl);
// update permissions
Document dUpdate = new Document();
NodePermissions nodePermissions = new NodePermissions();
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.CONSUMER, AccessStatus.ALLOWED.toString()));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// update node
HttpResponse response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
validatePermissionsAfterUpdate(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), locallySetPermissions);
// Check permissions on node for user2 (part of groupB)
AuthenticationUtil.setRunAsUser(user2);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.CONSUMER) == AccessStatus.DENIED);
// Check permissions on node for user1 (part of groupA)
AuthenticationUtil.setRunAsUser(user1);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.CONSUMER) == AccessStatus.ALLOWED);
// add two groups with different permissions for each
locallySetPermissions.clear();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.EDITOR, AccessStatus.ALLOWED.toString()));
locallySetPermissions.add(new NodePermissions.NodePermission(groupB, PermissionService.CONSUMER, AccessStatus.ALLOWED.toString()));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// update node
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
validatePermissionsAfterUpdate(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), locallySetPermissions);
// Check permissions on node for user2 (part of groupB)
AuthenticationUtil.setRunAsUser(user2);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.CONSUMER) == AccessStatus.ALLOWED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.EDITOR) == AccessStatus.DENIED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.WRITE) == AccessStatus.DENIED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.READ) == AccessStatus.ALLOWED);
// Check permissions on node for user1 (part of groupA)
AuthenticationUtil.setRunAsUser(user1);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.EDITOR) == AccessStatus.ALLOWED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.WRITE) == AccessStatus.ALLOWED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.READ) == AccessStatus.ALLOWED);
}
use of org.alfresco.rest.api.model.NodePermissions in project alfresco-remote-api by Alfresco.
the class SharedLinkApiTest method testGetSharedLinksIncludePath.
/**
* Tests for get /shared-links?include=path
*
* <p>GET:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/shared-links?include=path}
*/
@Test
@Category({ LuceneTests.class, RedundantTests.class })
public void testGetSharedLinksIncludePath() throws Exception {
String contentText = "includePathTest" + RUNID;
Paging paging = getPaging(0, 100);
Map<String, String> queryParams = new HashMap<>();
queryParams.put("include", "path");
// As user 1: Test the backward compatibility by checking response with and without path is consistent when no shared-links
setRequestContext(user1);
// Get all shared links visible to user 1
HttpResponse response = getAll(URL_SHARED_LINKS, paging, 200);
List<QuickShareLink> sharedLinks = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), QuickShareLink.class);
// Check that the same no of items is returned with include=path
response = getAll(URL_SHARED_LINKS, paging, queryParams, 200);
List<QuickShareLink> sharedLinksWithPath = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), QuickShareLink.class);
assertEquals("get /shared-links/ API returns same no of shared-links with or without include=path, when there are no shared-links", sharedLinks, sharedLinksWithPath);
// Create Files in various locations: My Files, SharedFiles, Sites with different visibility
// Create doc in "My Files"
Document myFile = createTextFile(getMyNodeId(), "MyFile" + RUNID + ".txt", contentText);
// Create doc in "Shared" folder
Document sharedFile = createTextFile(getSharedNodeId(), "SharedFile" + RUNID + ".txt", contentText);
// Create Sites
Site publicSite = createSite("TestSite-Public-" + RUNID, SiteVisibility.PUBLIC);
Site modSite = createSite("TestSite-Moderate-" + RUNID, SiteVisibility.MODERATED);
Site privateSite = createSite("TestSite-Private-" + RUNID, SiteVisibility.PRIVATE);
// Create file in Site Public > DocumentLibrary
String docLibPub = getSiteContainerNodeId(publicSite.getId(), "documentLibrary");
Document filePublic = createTextFile(docLibPub, "filePublic.txt", contentText);
// Create files in Site Moderated > DocumentLibrary > Folder 1 and Folder 2
String docLibMod = getSiteContainerNodeId(modSite.getId(), "documentLibrary");
Folder folder1 = createFolder(docLibMod, "1");
Folder folder2 = createFolder(docLibMod, "2");
Document fileMod = createTextFile(folder1.getId(), "fileMod.txt", contentText);
Document fileMod2 = createTextFile(folder2.getId(), "fileMod2.txt", contentText);
// Create file in Site Private > DocumentLibrary
String docLibPvt = getSiteContainerNodeId(privateSite.getId(), "documentLibrary");
Document filePrivate = createTextFile(docLibPvt, "filePrivate.txt", contentText);
// Share the files above in: My Files, SharedFiles, Sites with different visibility
String myFileLinkId = postSharedLink(myFile);
String sharedLinkId = postSharedLink(sharedFile);
String filePublicLinkId = postSharedLink(filePublic);
String fileModLinkId = postSharedLink(fileMod);
String fileMod2LinkId = postSharedLink(fileMod2);
String filePrivateLinkId = postSharedLink(filePrivate);
// Grant user2: Consumer Permission for Moderated Site > File1
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(user2, PermissionService.CONSUMER, AccessStatus.ALLOWED.toString()));
NodePermissions nodePermissions = new NodePermissions();
nodePermissions.setIsInheritanceEnabled(false);
nodePermissions.setLocallySet(locallySetPermissions);
Document docPermissions = new Document();
docPermissions.setPermissions(nodePermissions);
put(URL_NODES, fileMod.getId(), toJsonAsStringNonNull(docPermissions), null, 200);
// Grant user2: Consumer Permission for Moderated Site > Folder 2, File2
put(URL_NODES, fileMod2.getId(), toJsonAsStringNonNull(docPermissions), null, 200);
Folder folderPermissions = new Folder();
folderPermissions.setPermissions(nodePermissions);
put(URL_NODES, folder2.getId(), toJsonAsStringNonNull(folderPermissions), null, 200);
// Get links For User1
setRequestContext(user1);
response = getSingle(QuickShareLinkEntityResource.class, myFileLinkId, null, 200);
QuickShareLink link = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), QuickShareLink.class);
assertNull("get /shared-links/<id> API does not return Path info by default", link.getPath());
// Path info is not included for get shared-links/<id>
response = getSingle(QuickShareLinkEntityResource.class, myFileLinkId, queryParams, 200);
link = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), QuickShareLink.class);
assertNull("get /shared-links/<id> API ignores Path info when requested as it is a noAuth API.", link.getPath());
response = getAll(URL_SHARED_LINKS, paging, 200);
sharedLinks = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), QuickShareLink.class);
assertEquals("API returns correct shared-links as expected: without path info", 6, sharedLinks.size());
sharedLinks.forEach(sharedLink -> assertNull("API does not return Path info for any shared-links by default", sharedLink.getPath()));
// Path info is included for get shared-links when requested
response = getAll(URL_SHARED_LINKS, paging, queryParams, 200);
sharedLinks = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), QuickShareLink.class);
// Complete path info is retrieved for the user with access to the complete path
assertEquals("API returns correct shared-links as expected: with path info", 6, sharedLinks.size());
sharedLinks.forEach(sharedLink -> assertTrue("API returns Complete Path info for each link when requested by content owner", sharedLink.getPath().getIsComplete()));
// Get links For User2
setRequestContext(user2);
response = getAll(URL_SHARED_LINKS, paging, 200);
sharedLinks = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), QuickShareLink.class);
// Path info is not included when not requested
assertEquals("API returns correct shared-links as expected for user2: without path info", 4, sharedLinks.size());
sharedLinks.forEach(sharedLink -> assertNull("get /shared-links/ API does not return Path info for any shared-links by default", sharedLink.getPath()));
response = getAll(URL_SHARED_LINKS, paging, queryParams, 200);
sharedLinks = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), QuickShareLink.class);
// Path info is retrieved for the user with access to the complete path: Sorted as LIFO
assertEquals("API returns correct shared-links as expected for user2: with path info", 4, sharedLinks.size());
sharedLinks.forEach(sharedLink -> assertNotNull("API returns Path info for each link when requested by user2", sharedLink.getPath()));
// Moderated Site > fileMod2: Path only includes elements where user2 has access
QuickShareLink sharedLink = sharedLinks.get(0);
assertEquals("Incorrect sort order or SharedLink ID for fileMod2: " + sharedLink, fileMod2LinkId, sharedLink.getId());
PathInfo path = sharedLink.getPath();
assertEquals("Complete Path is returned even when user2 does not have appropriate permissions. SharedLink Path: " + path, false, path.getIsComplete());
assertEquals("Path omits immediate Parent folder Name when user has access to it. SharedLink Path: " + path, "/" + folder2.getName(), path.getName());
assertEquals("Path omits immediate Parent folder ID when user has access to it. SharedLink Path: " + path, folder2.getId(), path.getElements().get(0).getId());
// Moderated Site > fileMod: Path empty when user2 does not have access to the immediate parent
sharedLink = sharedLinks.get(1);
assertEquals("Incorrect sort order or SharedLink ID for fileMod: " + sharedLink, fileModLinkId, sharedLink.getId());
path = sharedLink.getPath();
assertNotNull("Path info is not included in the response when user does not have right permissions. SharedLink Path: " + path, path);
assertNull("Path Name is returned when user does not have right permissions. SharedLink Path: " + path, path.getName());
assertNull("Path info is returned when user does not have right permissions. SharedLink Path: " + path, path.getIsComplete());
assertNull("Path Elements are returned when user does not have right permissions. SharedLink Path: " + path, path.getElements());
// Public Site > filePublic: Path includes all the elements when user2 has appropriate access
sharedLink = sharedLinks.get(2);
assertEquals("Incorrect sort order or SharedLink ID for filePublic: " + sharedLink, filePublicLinkId, sharedLink.getId());
path = sharedLink.getPath();
assertEquals("Complete Path is not returned for user2 for public files. SharedLink Path: " + path, true, path.getIsComplete());
assertEquals("Incorrect Path Name for Public Site Files. SharedLink Path: " + path, "/Company Home/Sites/" + publicSite.getId() + "/documentLibrary", path.getName());
assertEquals("Incorrect Path Elements for Public Site Files. SharedLink Path: " + path, 4, path.getElements().size());
assertEquals("Incorrect ID in the Path for Company Home. SharedLink Path: " + path, getRootNodeId(), path.getElements().get(0).getId());
assertEquals("Incorrect ID in the Path for Public Site. SharedLink Path: " + path, publicSite.getGuid(), path.getElements().get(2).getId());
assertEquals("Incorrect ID in the Path for Public Site DocLib. SharedLink Path: " + path, docLibPub, path.getElements().get(3).getId());
// Shared Files > shared: Path includes all the elements when user2 has appropriate access
sharedLink = sharedLinks.get(3);
assertEquals("Incorrect sort order or SharedLink ID for sharedFiles: " + sharedLink, sharedLinkId, sharedLink.getId());
path = sharedLink.getPath();
assertEquals("Complete Path is not returned for user2 for shared files. SharedLink Path: " + path, true, path.getIsComplete());
assertEquals("Incorrect Path Name for Shared Files. SharedLink Path: " + path, "/Company Home/Shared", path.getName());
assertEquals("Incorrect Path Elements for Shared Files. SharedLink Path: " + path, 2, path.getElements().size());
assertEquals("Incorrect ID in the Path for Company Home. SharedLink Path: " + path, getRootNodeId(), path.getElements().get(0).getId());
assertEquals("Incorrect ID in the path for Shared Files. SharedLink Path: " + path, getSharedNodeId(), path.getElements().get(1).getId());
// Unauthorized request returns 401
setRequestContext(null, "UserNotKnown", DEFAULT_ADMIN_PWD);
queryParams = new HashMap<>();
getAll(URL_SHARED_LINKS, paging, queryParams, 401);
// Unauthenticated request returns 401
setRequestContext(user2, null, null);
getAll(URL_SHARED_LINKS, paging, queryParams, 401);
// Delete the shared links
setRequestContext(user1);
deleteSharedLink(myFileLinkId);
deleteSharedLink(sharedLinkId);
deleteSharedLink(filePublicLinkId);
deleteSharedLink(fileModLinkId);
deleteSharedLink(fileMod2LinkId);
deleteSharedLink(filePrivateLinkId);
}
Aggregations