Search in sources :

Example 26 with TestNetwork

use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.

the class TestSiteContainers method setup.

@Override
@Before
public void setup() throws Exception {
    // init networks
    super.setup();
    Iterator<TestNetwork> networksIt = getTestFixture().getNetworksIt();
    assertTrue(networksIt.hasNext());
    this.network1 = networksIt.next();
    assertTrue(networksIt.hasNext());
    this.network2 = networksIt.next();
    // Create some users in different networks
    TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

        @Override
        public Void doWork() throws Exception {
            // add as external user
            TestPerson person1 = network1.createUser();
            people1.add(person1);
            TestPerson person2 = network1.createUser();
            people1.add(person2);
            TestPerson person3 = network1.createUser();
            people1.add(person3);
            return null;
        }
    }, network1.getId());
    TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

        @Override
        public Void doWork() throws Exception {
            TestPerson person1 = network2.createUser();
            people2.add(person1);
            return null;
        }
    }, network2.getId());
    // site creator
    this.person11 = people1.get(0);
    // same network, not invited to site
    this.person12 = people1.get(1);
    // different network, not invited to site
    this.person21 = people2.get(0);
    // same network, invited to site
    this.person13 = people1.get(2);
    // TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>()
    // {
    // @Override
    // public Void doWork() throws Exception
    // {
    // // add as external user
    // TestPerson person1 = network2.createUser();
    // network2People.add(person1);
    // 
    // return null;
    // }
    // }, network2.getId());
    // 
    // final TestPerson person3 = network2People.get(0);
    // Create a public site
    this.site1 = TenantUtil.runAsUserTenant(new TenantRunAsWork<TestSite>() {

        @Override
        public TestSite doWork() throws Exception {
            TestSite testSite = network1.createSite(SiteVisibility.PUBLIC);
            return testSite;
        }
    }, person11.getId(), network1.getId());
    TenantUtil.runAsUserTenant(new TenantRunAsWork<Map<String, NodeRef>>() {

        @Override
        public Map<String, NodeRef> doWork() throws Exception {
            Map<String, NodeRef> containers = new HashMap<String, NodeRef>();
            containers.put("test1", site1.createContainer("test1"));
            containers.put("test2", site1.createContainer("test2"));
            containers.put("test3", site1.createContainer("test3"));
            return containers;
        }
    }, person11.getId(), network1.getId());
}
Also used : TestSite(org.alfresco.rest.api.tests.RepoService.TestSite) PublicApiException(org.alfresco.rest.api.tests.client.PublicApiException) NodeRef(org.alfresco.service.cmr.repository.NodeRef) TenantRunAsWork(org.alfresco.repo.tenant.TenantUtil.TenantRunAsWork) TestNetwork(org.alfresco.rest.api.tests.RepoService.TestNetwork) TestPerson(org.alfresco.rest.api.tests.RepoService.TestPerson) HashMap(java.util.HashMap) Map(java.util.Map) Before(org.junit.Before)

Example 27 with TestNetwork

use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.

the class TestSiteMembers method testSiteMembers.

// TODO set create member for a user who is a member of the site (not the creator)
// TODO split into more manageable test methods
@Test
public void testSiteMembers() throws Exception {
    Iterator<TestNetwork> networksIt = getTestFixture().getNetworksIt();
    final TestNetwork testNetwork = networksIt.next();
    final List<String> networkPeople = testNetwork.getPersonIds();
    String personId = networkPeople.get(0);
    Sites sitesProxy = publicApiClient.sites();
    {
        final List<SiteMember> expectedSiteMembers = new ArrayList<SiteMember>();
        // Create a private site and invite some users
        // TODO create site members using public api rather than directly using the services
        TestSite testSite = TenantUtil.runAsUserTenant(new TenantRunAsWork<TestSite>() {

            @Override
            public TestSite doWork() throws Exception {
                TestSite testSite = testNetwork.createSite(SiteVisibility.PRIVATE);
                for (int i = 1; i <= 5; i++) {
                    String inviteeId = networkPeople.get(i);
                    testSite.inviteToSite(inviteeId, SiteRole.SiteConsumer);
                    SiteMember sm = new SiteMember(inviteeId, repoService.getPerson(inviteeId), testSite.getSiteId(), SiteRole.SiteConsumer.toString());
                    expectedSiteMembers.add(sm);
                }
                return testSite;
            }
        }, personId, testNetwork.getId());
        {
            SiteMember sm = new SiteMember(personId, repoService.getPerson(personId), testSite.getSiteId(), SiteRole.SiteManager.toString());
            expectedSiteMembers.add(sm);
            Collections.sort(expectedSiteMembers);
        }
        // Test Case cloud-1482
        {
            int skipCount = 0;
            int maxItems = 2;
            Paging paging = getPaging(skipCount, maxItems, expectedSiteMembers.size(), null);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            ListResponse<SiteMember> siteMembers = sitesProxy.getSiteMembers(testSite.getSiteId(), createParams(paging, null));
            checkList(expectedSiteMembers.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), siteMembers);
        }
        {
            int skipCount = 2;
            int maxItems = 10;
            Paging paging = getPaging(skipCount, maxItems, expectedSiteMembers.size(), null);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            ListResponse<SiteMember> siteMembers = sitesProxy.getSiteMembers(testSite.getSiteId(), createParams(paging, null));
            checkList(expectedSiteMembers.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), siteMembers);
            HttpResponse response = sitesProxy.getAll("sites", testSite.getSiteId(), "members", null, createParams(paging, Collections.singletonMap("includeSource", "true")), "Failed to get all site members");
            checkList(expectedSiteMembers.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), SiteMember.parseSiteMembers(testSite.getSiteId(), response.getJsonResponse()));
            JSONObject source = sitesProxy.parseListSource(response.getJsonResponse());
            Site sourceSite = SiteImpl.parseSite(source);
            assertNotNull(sourceSite);
            testSite.expected(sourceSite);
        }
        // invalid site id
        try {
            int skipCount = 2;
            int maxItems = 10;
            Paging paging = getPaging(skipCount, maxItems, expectedSiteMembers.size(), null);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            sitesProxy.getSiteMembers(GUID.generate(), createParams(paging, null));
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // invalid methods
        try {
            SiteMember siteMember = expectedSiteMembers.get(0);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            sitesProxy.update("sites", testSite.getSiteId(), "members", null, siteMember.toJSON().toString(), "Unable to PUT site members");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        // Test Case cloud-1965
        try {
            SiteMember siteMember1 = expectedSiteMembers.get(0);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            sitesProxy.create("sites", testSite.getSiteId(), "members", siteMember1.getMemberId(), siteMember1.toJSON().toString(), "Unable to POST to a site member");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            SiteMember siteMember1 = expectedSiteMembers.get(0);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            sitesProxy.update("sites", testSite.getSiteId(), "members", null, siteMember1.toJSON().toString(), "Unable to PUT site members");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            sitesProxy.remove("sites", testSite.getSiteId(), "members", null, "Unable to DELETE site members");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        // update site member
        {
            SiteMember siteMember1 = expectedSiteMembers.get(0);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            SiteMember ret = sitesProxy.updateSiteMember(testSite.getSiteId(), siteMember1);
            assertEquals(siteMember1.getRole(), ret.getRole());
            Person expectedSiteMember = repoService.getPerson(siteMember1.getMemberId());
            expectedSiteMember.expected(ret.getMember());
        }
        // GET single site member
        {
            SiteMember siteMember1 = expectedSiteMembers.get(0);
            publicApiClient.setRequestContext(new RequestContext(testNetwork.getId(), personId));
            SiteMember ret = sitesProxy.getSingleSiteMember(testSite.getSiteId(), siteMember1.getMemberId());
            siteMember1.expected(ret);
        }
    }
    // test: user is member of different tenant, but has site membership(s) in common with the http request user
    {
        Iterator<TestNetwork> accountsIt = getTestFixture().getNetworksIt();
        assertTrue(accountsIt.hasNext());
        final TestNetwork network1 = accountsIt.next();
        assertTrue(accountsIt.hasNext());
        final TestNetwork network2 = accountsIt.next();
        final List<TestPerson> people = new ArrayList<TestPerson>();
        // Create users
        TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

            @Override
            public Void doWork() throws Exception {
                TestPerson person = network1.createUser();
                people.add(person);
                person = network1.createUser();
                people.add(person);
                person = network1.createUser();
                people.add(person);
                return null;
            }
        }, network1.getId());
        final TestPerson person1 = people.get(0);
        final TestPerson person2 = people.get(1);
        final TestPerson person3 = people.get(2);
        TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

            @Override
            public Void doWork() throws Exception {
                TestPerson person = network2.createUser();
                people.add(person);
                return null;
            }
        }, network2.getId());
        final TestPerson person4 = people.get(3);
        // Create site
        final TestSite site = TenantUtil.runAsUserTenant(new TenantRunAsWork<TestSite>() {

            @Override
            public TestSite doWork() throws Exception {
                TestSite site = network1.createSite(SiteVisibility.PUBLIC);
                return site;
            }
        }, person2.getId(), network1.getId());
        // invalid role - 400
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), "dodgyRole"));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
        }
        // user in network but not site member, try to create site member
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person3.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_FORBIDDEN, e.getHttpResponse().getStatusCode());
        }
        // unknown invitee - 404
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember("dodgyUser", SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // unknown site - 404
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            sitesProxy.createSiteMember("dodgySite", new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // inviter is not a member of the site
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(e.getMessage(), HttpStatus.SC_FORBIDDEN, e.getHttpResponse().getStatusCode());
        }
        // inviter is not a member of the site nor a member of the tenant
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person4.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            // TODO check that 404 is correct here - external user of network can't see public site??
            assertEquals(HttpStatus.SC_UNAUTHORIZED, e.getHttpResponse().getStatusCode());
        }
        {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            SiteMember sm = new SiteMember(person1.getId(), SiteRole.SiteConsumer.toString());
            SiteMember siteMember = sitesProxy.createSiteMember(site.getSiteId(), sm);
            assertEquals(person1.getId(), siteMember.getMemberId());
            assertEquals(SiteRole.SiteConsumer.toString(), siteMember.getRole());
        }
        // already invited
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_CONFLICT, e.getHttpResponse().getStatusCode());
        }
        // inviter is consumer member of the site, should not be able to add site member
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person4.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(e.getMessage(), HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // invitee from another network
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person4.getId(), SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(e.getMessage(), HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // missing person id
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(null, SiteRole.SiteContributor.toString()));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
        }
        // missing role
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), null));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
        }
        // check site membership in GET
        List<SiteMember> expectedSiteMembers = site.getMembers();
        {
            int skipCount = 0;
            int maxItems = Integer.MAX_VALUE;
            Paging paging = getPaging(skipCount, maxItems, expectedSiteMembers.size(), null);
            ListResponse<SiteMember> siteMembers = sitesProxy.getSiteMembers(site.getSiteId(), createParams(paging, null));
            checkList(expectedSiteMembers.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), siteMembers);
        }
    }
    // test: create site membership, remove it, get list of site memberships
    {
        Iterator<TestNetwork> accountsIt = getTestFixture().getNetworksIt();
        assertTrue(accountsIt.hasNext());
        final TestNetwork network1 = accountsIt.next();
        assertTrue(accountsIt.hasNext());
        final List<TestPerson> people = new ArrayList<TestPerson>();
        // Create user
        TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

            @Override
            public Void doWork() throws Exception {
                TestPerson person = network1.createUser();
                people.add(person);
                person = network1.createUser();
                people.add(person);
                person = network1.createUser();
                people.add(person);
                return null;
            }
        }, network1.getId());
        TestPerson person1 = people.get(0);
        TestPerson person2 = people.get(1);
        TestPerson person3 = people.get(2);
        // Create site
        TestSite site = TenantUtil.runAsUserTenant(new TenantRunAsWork<TestSite>() {

            @Override
            public TestSite doWork() throws Exception {
                TestSite site = network1.createSite(SiteVisibility.PRIVATE);
                return site;
            }
        }, person2.getId(), network1.getId());
        // remove site membership
        // for -me- user (PUBLICAPI-90)
        {
            // create a site member
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            SiteMember siteMember = sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
            assertEquals(person1.getId(), siteMember.getMemberId());
            assertEquals(SiteRole.SiteContributor.toString(), siteMember.getRole());
            SiteMember toRemove = new SiteMember("-me-");
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            sitesProxy.removeSiteMember(site.getSiteId(), toRemove);
        }
        {
            // create a site member
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            SiteMember siteMember = sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
            assertEquals(person1.getId(), siteMember.getMemberId());
            assertEquals(SiteRole.SiteContributor.toString(), siteMember.getRole());
            // note: needed for contains check below, ugh
            siteMember.setSiteId(site.getSiteId());
            // create another site member
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            SiteMember siteMemberAno = sitesProxy.createSiteMember(site.getSiteId(), new SiteMember(person3.getId(), SiteRole.SiteCollaborator.toString()));
            assertEquals(person3.getId(), siteMemberAno.getMemberId());
            assertEquals(SiteRole.SiteCollaborator.toString(), siteMemberAno.getRole());
            // note: needed for contains check below, ugh
            siteMemberAno.setSiteId(site.getSiteId());
            // unknown site
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.removeSiteMember(GUID.generate(), siteMember);
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
            }
            // unknown user
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.removeSiteMember(site.getSiteId(), new SiteMember(GUID.generate()));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
            }
            // cannot update site member (without appropriate site "permission" - see SiteService)
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
                sitesProxy.updateSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteCollaborator.toString()));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_UNPROCESSABLE_ENTITY, e.getHttpResponse().getStatusCode());
            }
            // cannot remove another site member (without appropriate site "permission" - see SiteService)
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
                sitesProxy.removeSiteMember(site.getSiteId(), new SiteMember(person3.getId()));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_UNPROCESSABLE_ENTITY, e.getHttpResponse().getStatusCode());
            }
            // remove site member
            {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.removeSiteMember(site.getSiteId(), siteMember);
            }
            // check site membership in GET
            List<SiteMember> expectedSiteMembers = site.getMembers();
            assertFalse(expectedSiteMembers.contains(siteMember));
            assertTrue(expectedSiteMembers.contains(siteMemberAno));
            {
                int skipCount = 0;
                int maxItems = Integer.MAX_VALUE;
                Paging paging = getPaging(skipCount, maxItems, expectedSiteMembers.size(), null);
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                ListResponse<SiteMember> siteMembers = sitesProxy.getSiteMembers(site.getSiteId(), createParams(paging, null));
                checkList(expectedSiteMembers.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), siteMembers);
            }
            // unknown site
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.updateSiteMember(GUID.generate(), siteMember);
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
            }
            // unknown user
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.updateSiteMember(site.getSiteId(), new SiteMember(GUID.generate()));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
            }
            // invalid role
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.updateSiteMember(site.getSiteId(), new SiteMember(person1.getId(), "invalidRole"));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
            }
            // user is not a member of the site - 400
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.updateSiteMember(site.getSiteId(), new SiteMember(person1.getId(), SiteRole.SiteContributor.toString()));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
            }
            // cannot update last member of site to be a non-manager
            try {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                sitesProxy.updateSiteMember(site.getSiteId(), new SiteMember(person2.getId(), SiteRole.SiteContributor.toString()));
                fail();
            } catch (PublicApiException e) {
                assertEquals(HttpStatus.SC_UNPROCESSABLE_ENTITY, e.getHttpResponse().getStatusCode());
            }
            // successful update
            {
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                SiteMember sm = new SiteMember(person1.getId(), SiteRole.SiteContributor.toString());
                SiteMember ret = sitesProxy.createSiteMember(site.getSiteId(), sm);
                assertEquals(SiteRole.SiteContributor.toString(), ret.getRole());
                person1.expected(ret.getMember());
                sm = new SiteMember(person1.getId(), SiteRole.SiteCollaborator.toString());
                ret = sitesProxy.updateSiteMember(site.getSiteId(), sm);
                assertEquals(SiteRole.SiteCollaborator.toString(), ret.getRole());
                person1.expected(ret.getMember());
                // check site membership in GET
                SiteMember smToCheck = sitesProxy.getSingleSiteMember(site.getSiteId(), person1.getId());
                // check that the update site membership is present
                assertNotNull(smToCheck);
                // check that the role is correct
                assertEquals(sm.getRole(), smToCheck.getRole());
                expectedSiteMembers = new ArrayList<>();
                SiteMember sm1 = new SiteMember(person1.getId(), person1, site.getSiteId(), SiteRole.SiteCollaborator.toString());
                expectedSiteMembers.add(sm1);
                SiteMember sm2 = new SiteMember(person2.getId(), person2, site.getSiteId(), SiteRole.SiteManager.toString());
                expectedSiteMembers.add(sm2);
                SiteMember sm3 = new SiteMember(person3.getId(), person3, site.getSiteId(), SiteRole.SiteCollaborator.toString());
                expectedSiteMembers.add(sm3);
                Collections.sort(expectedSiteMembers);
                int skipCount = 0;
                int maxItems = Integer.MAX_VALUE;
                Paging paging = getPaging(skipCount, maxItems, expectedSiteMembers.size(), null);
                publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
                ListResponse<SiteMember> siteMembers = sitesProxy.getSiteMembers(site.getSiteId(), createParams(paging, null));
                checkList(expectedSiteMembers.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), siteMembers);
            }
        }
    }
}
Also used : TestSite(org.alfresco.rest.api.tests.RepoService.TestSite) Site(org.alfresco.rest.api.tests.client.data.Site) ListResponse(org.alfresco.rest.api.tests.client.PublicApiClient.ListResponse) SiteMember(org.alfresco.rest.api.tests.client.data.SiteMember) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) RequestContext(org.alfresco.rest.api.tests.client.RequestContext) TestSite(org.alfresco.rest.api.tests.RepoService.TestSite) Paging(org.alfresco.rest.api.tests.client.PublicApiClient.Paging) HttpResponse(org.alfresco.rest.api.tests.client.HttpResponse) Sites(org.alfresco.rest.api.tests.client.PublicApiClient.Sites) PublicApiException(org.alfresco.rest.api.tests.client.PublicApiException) JSONObject(org.json.simple.JSONObject) TenantRunAsWork(org.alfresco.repo.tenant.TenantUtil.TenantRunAsWork) TestNetwork(org.alfresco.rest.api.tests.RepoService.TestNetwork) TestPerson(org.alfresco.rest.api.tests.RepoService.TestPerson) TestPerson(org.alfresco.rest.api.tests.RepoService.TestPerson) Person(org.alfresco.rest.api.tests.client.data.Person) Test(org.junit.Test)

Example 28 with TestNetwork

use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.

the class TestTags method testTags.

@Test
@Category({ LuceneTests.class, RedundantTests.class })
public void testTags() throws Exception {
    Iterator<TestNetwork> networksIt = getTestFixture().getNetworksIt();
    assertTrue(networksIt.hasNext());
    final TestNetwork network1 = networksIt.next();
    assertTrue(networksIt.hasNext());
    final TestNetwork network2 = networksIt.next();
    final List<TestPerson> people = new ArrayList<TestPerson>(3);
    // create users and some preferences
    TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

        @Override
        public Void doWork() throws Exception {
            TestPerson person = network1.createUser();
            people.add(person);
            person = network1.createUser();
            people.add(person);
            return null;
        }
    }, network1.getId());
    TenantUtil.runAsSystemTenant(new TenantRunAsWork<Void>() {

        @Override
        public Void doWork() throws Exception {
            TestPerson person = network2.createUser();
            people.add(person);
            return null;
        }
    }, network2.getId());
    final TestPerson person1 = people.get(0);
    final TestPerson person2 = people.get(1);
    final TestPerson person3 = people.get(2);
    final List<NodeRef> nodes = new ArrayList<NodeRef>();
    final List<TestSite> sites = new ArrayList<TestSite>();
    // Create site
    TenantUtil.runAsUserTenant(new TenantRunAsWork<Void>() {

        @Override
        public Void doWork() throws Exception {
            TestSite site = network1.createSite(SiteVisibility.PRIVATE);
            sites.add(site);
            NodeRef nodeRef = repoService.createDocument(site.getContainerNodeRef("documentLibrary"), "Test Doc", "Test Content");
            nodes.add(nodeRef);
            nodeRef = repoService.createDocument(site.getContainerNodeRef("documentLibrary"), "Test Doc 1", "Test Content 1");
            nodes.add(nodeRef);
            return null;
        }
    }, person1.getId(), network1.getId());
    final NodeRef nodeRef1 = nodes.get(0);
    final NodeRef nodeRef2 = nodes.get(1);
    Nodes nodesProxy = publicApiClient.nodes();
    Comments commentsProxy = publicApiClient.comments();
    Tags tagsProxy = publicApiClient.tags();
    final List<Tag> tags = new ArrayList<Tag>();
    tags.add(new Tag("tag 1"));
    tags.add(new Tag("tag 9"));
    tags.add(new Tag("other tag 3"));
    tags.add(new Tag("my tag 1"));
    tags.add(new Tag("tag 5"));
    // try to add a tag to a comment
    try {
        Comment comment = new Comment("Test Comment", "Test Comment");
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        Comment newComment = commentsProxy.createNodeComment(nodeRef1.getId(), comment);
        Tag tag = new Tag("testTag");
        nodesProxy.createNodeTag(newComment.getId(), tag);
        fail();
    } catch (PublicApiException e) {
        assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
    }
    // try to add a tag to a tag
    try {
        Tag tag = new Tag("testTag");
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        Tag newTag = nodesProxy.createNodeTag(nodeRef1.getId(), tag);
        nodesProxy.createNodeTag(newTag.getId(), tag);
        fail();
    } catch (PublicApiException e) {
        assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
    }
    // Test Case cloud-2221
    // Test Case cloud-2222
    // multi-byte characters, special characters, create and update tags
    {
        Tag[] multiByteTags = new Tag[] { new Tag("\u67e5\u770b\u5168\u90e8"), new Tag("\u67e5\u770b\u5168\u91e8"), new Tag("%^&%&$^£@") };
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        // first, create tags
        Map<String, Tag> createdTags = new HashMap<String, Tag>();
        for (Tag tag : multiByteTags) {
            Tag ret = nodesProxy.createNodeTag(nodeRef2.getId(), tag);
            createdTags.put(ret.getId(), ret);
        }
        int skipCount = 0;
        int maxItems = Integer.MAX_VALUE;
        Paging paging = getPaging(skipCount, maxItems);
        ListResponse<Tag> resp = nodesProxy.getNodeTags(nodeRef2.getId(), createParams(paging, null));
        List<Tag> retTags = resp.getList();
        assertEquals(createdTags.size(), retTags.size());
        for (Tag tag : retTags) {
            String tagId = tag.getId();
            Tag expectedTag = createdTags.get(tagId);
            expectedTag.expected(tag);
        }
        try {
            // update with an empty tag i.e. "" -> bad request
            Tag tag = new Tag("");
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.createNodeTag(nodeRef2.getId(), tag);
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
        }
        List<Tag> tagUpdates = new ArrayList<Tag>(createdTags.values());
        tagUpdates.get(0).setTag("\u4e00\u4e01\u4e02\u4e10");
        tagUpdates.get(1).setTag("\u4e00\u4e01\u4e12\u4e11");
        tagUpdates.get(2).setTag("\u4e00\u4e01\u4e12\u4e12");
        Map<String, Tag> updatedTags = new HashMap<String, Tag>();
        for (Tag tag : tagUpdates) {
            Tag ret = tagsProxy.update(tag);
            assertNotNull(ret.getId());
            assertNotNull(ret.getTag());
            // tag.expected(ret); disabled because tag id changes
            updatedTags.put(ret.getId(), ret);
        }
        // get updated tags
        List<Tag> expectedNodeTags = TenantUtil.runAsUserTenant(new TenantRunAsWork<List<Tag>>() {

            @Override
            public List<Tag> doWork() throws Exception {
                List<Tag> tags = repoService.getTags(nodeRef2);
                return tags;
            }
        }, person1.getId(), network1.getId());
        skipCount = 0;
        maxItems = tagUpdates.size();
        paging = getPaging(skipCount, maxItems, tagUpdates.size(), tagUpdates.size());
        resp = nodesProxy.getNodeTags(nodeRef2.getId(), createParams(paging, null));
        checkList(expectedNodeTags.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), resp);
    }
    {
        List<Tag> createdTags = new ArrayList<Tag>();
        // Test Case cloud-1975
        for (Tag tag : tags) {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            Tag ret = nodesProxy.createNodeTag(nodeRef1.getId(), tag);
            assertEquals(tag.getTag(), ret.getTag());
            assertNotNull(ret.getId());
            createdTags.add(ret);
        }
        // update tag, empty string
        try {
            Tag tag = new Tag(createdTags.get(0).getId(), "");
            tagsProxy.update(tag);
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_BAD_REQUEST, e.getHttpResponse().getStatusCode());
        }
        // invalid node id
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.createNodeTag(GUID.generate(), tags.get(0));
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // Test Case cloud-1973
        // Test Case cloud-2208
        // Test Case cloud-2219
        // check that the tags are there in the node tags, test paging
        List<Tag> expectedNodeTags = TenantUtil.runAsUserTenant(new TenantRunAsWork<List<Tag>>() {

            @Override
            public List<Tag> doWork() throws Exception {
                List<Tag> tags = repoService.getTags(nodeRef1);
                return tags;
            }
        }, person1.getId(), network1.getId());
        {
            int skipCount = 0;
            int maxItems = 2;
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            Paging paging = getPaging(skipCount, maxItems, expectedNodeTags.size(), expectedNodeTags.size());
            ListResponse<Tag> resp = nodesProxy.getNodeTags(nodeRef1.getId(), createParams(paging, null));
            checkList(expectedNodeTags.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), resp);
        }
        {
            int skipCount = 2;
            int maxItems = Integer.MAX_VALUE;
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            Paging paging = getPaging(skipCount, maxItems, expectedNodeTags.size(), expectedNodeTags.size());
            ListResponse<Tag> resp = nodesProxy.getNodeTags(nodeRef1.getId(), createParams(paging, null));
            checkList(expectedNodeTags.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), resp);
        }
        // invalid node
        try {
            int skipCount = 0;
            int maxItems = 2;
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            Paging paging = getPaging(skipCount, maxItems, expectedNodeTags.size(), expectedNodeTags.size());
            ListResponse<Tag> allTags = nodesProxy.getNodeTags("invalidNode", createParams(paging, null));
            checkList(expectedNodeTags.subList(skipCount, paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), allTags);
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
        }
        // user from another account - 403
        try {
            int skipCount = 0;
            int maxItems = 2;
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person3.getId()));
            Paging expectedPaging = getPaging(skipCount, maxItems, expectedNodeTags.size(), expectedNodeTags.size());
            nodesProxy.getNodeTags(nodeRef1.getId(), createParams(expectedPaging, null));
            fail("");
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_UNAUTHORIZED, e.getHttpResponse().getStatusCode());
        }
        // another user from the same account
        try {
            int skipCount = 0;
            int maxItems = 2;
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person2.getId()));
            Paging paging = getPaging(skipCount, maxItems, expectedNodeTags.size(), expectedNodeTags.size());
            ListResponse<Tag> resp = nodesProxy.getNodeTags(nodeRef1.getId(), createParams(paging, null));
            checkList(expectedNodeTags.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), resp);
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_FORBIDDEN, e.getHttpResponse().getStatusCode());
        }
        // Test Case cloud-1519
        // Test Case cloud-2206
        // Test Case cloud-2218
        // check that the tags are there in the network tags, test paging
        // TODO for user from another network who is invited to this network
        List<Tag> expectedNetworkTags = TenantUtil.runAsUserTenant(new TenantRunAsWork<List<Tag>>() {

            @Override
            public List<Tag> doWork() throws Exception {
                List<Tag> tags = repoService.getTags();
                return tags;
            }
        }, person1.getId(), network1.getId());
        {
            int skipCount = 0;
            int maxItems = 2;
            Paging paging = getPaging(skipCount, maxItems, expectedNetworkTags.size(), null);
            ListResponse<Tag> allTags = tagsProxy.getTags(createParams(paging, null));
            checkList(expectedNetworkTags.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), allTags);
        }
        {
            int skipCount = 2;
            int maxItems = Integer.MAX_VALUE;
            Paging paging = getPaging(skipCount, maxItems, expectedNetworkTags.size(), null);
            ListResponse<Tag> allTags = tagsProxy.getTags(createParams(paging, null));
            checkList(expectedNetworkTags.subList(skipCount, skipCount + paging.getExpectedPaging().getCount()), paging.getExpectedPaging(), allTags);
        }
    }
    {
        // Try a create with the same tag value
        Tag tag = tags.get(0);
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        nodesProxy.createNodeTag(nodeRef1.getId(), tag);
    }
    try {
        // Invalid node id
        Tag tag = tags.get(0);
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        nodesProxy.createNodeTag(GUID.generate(), tag);
        fail("");
    } catch (PublicApiException e) {
        assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
    }
    // Test Case cloud-2183
    // update tags
    {
        // get a network tag
        int skipCount = 0;
        int maxItems = 2;
        Paging paging = getPaging(skipCount, maxItems);
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        ListResponse<Tag> allTags = tagsProxy.getTags(createParams(paging, null));
        assertTrue(allTags.getList().size() > 0);
        // and update it
        Tag tag = allTags.getList().get(0);
        String newTagValue = GUID.generate();
        Tag newTag = new Tag(tag.getId(), newTagValue);
        publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
        Tag ret = tagsProxy.update(newTag);
        assertEquals(newTagValue, ret.getTag());
    // assertNotEquals(tag.getId, ret.getId()); // disabled due to CLOUD-628
    }
    // update invalid/unknown tag id
    try {
        Tag unknownTag = new Tag(GUID.generate(), GUID.generate());
        tagsProxy.update(unknownTag);
        fail();
    } catch (PublicApiException e) {
        assertEquals(HttpStatus.SC_NOT_FOUND, e.getHttpResponse().getStatusCode());
    }
    // Test Case cloud-1972
    // Test Case cloud-1974
    // not allowed methods
    {
        List<Tag> networkTags = TenantUtil.runAsUserTenant(new TenantRunAsWork<List<Tag>>() {

            @Override
            public List<Tag> doWork() throws Exception {
                List<Tag> tags = repoService.getTags();
                return tags;
            }
        }, person1.getId(), network1.getId());
        assertTrue(networkTags.size() > 0);
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.update("nodes", nodeRef1.getId(), "tags", null, null, "Unable to PUT node tags");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.remove("nodes", nodeRef1.getId(), "tags", null, "Unable to DELETE node tags");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.update("nodes", nodeRef1.getId(), "tags", tag.getId(), null, "Unable to PUT node tag");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.create("tags", null, null, null, tag.toJSON().toString(), "Unable to POST to tags");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.update("tags", null, null, null, tag.toJSON().toString(), "Unable to PUT tags");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.remove("tags", null, null, null, "Unable to DELETE tags");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.create("tags", tag.getId(), null, null, tag.toJSON().toString(), "Unable to POST to a tag");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        try {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.remove("tags", tag.getId(), null, null, "Unable to DELETE a tag");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
        // delete node tag
        {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.removeNodeTag(nodeRef1.getId(), tag.getId());
            // check that the tag is gone
            ListResponse<Tag> resp = nodesProxy.getNodeTags(nodeRef1.getId(), createParams(getPaging(0, Integer.MAX_VALUE), null));
            List<Tag> nodeTags = resp.getList();
            assertTrue(!nodeTags.contains(tag));
        }
        try {
            Tag tag = networkTags.get(0);
            publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1.getId()));
            nodesProxy.getSingle("nodes", nodeRef1.getId(), "tags", tag.getId(), "Unable to GET node tag");
            fail();
        } catch (PublicApiException e) {
            assertEquals(HttpStatus.SC_METHOD_NOT_ALLOWED, e.getHttpResponse().getStatusCode());
        }
    }
}
Also used : ListResponse(org.alfresco.rest.api.tests.client.PublicApiClient.ListResponse) ArrayList(java.util.ArrayList) NodeRef(org.alfresco.service.cmr.repository.NodeRef) ArrayList(java.util.ArrayList) List(java.util.List) RequestContext(org.alfresco.rest.api.tests.client.RequestContext) Tags(org.alfresco.rest.api.tests.client.PublicApiClient.Tags) Comment(org.alfresco.rest.api.tests.client.data.Comment) TestSite(org.alfresco.rest.api.tests.RepoService.TestSite) Comments(org.alfresco.rest.api.tests.client.PublicApiClient.Comments) Paging(org.alfresco.rest.api.tests.client.PublicApiClient.Paging) PublicApiException(org.alfresco.rest.api.tests.client.PublicApiException) Nodes(org.alfresco.rest.api.tests.client.PublicApiClient.Nodes) PublicApiException(org.alfresco.rest.api.tests.client.PublicApiException) TenantRunAsWork(org.alfresco.repo.tenant.TenantUtil.TenantRunAsWork) TestNetwork(org.alfresco.rest.api.tests.RepoService.TestNetwork) Tag(org.alfresco.rest.api.tests.client.data.Tag) TestPerson(org.alfresco.rest.api.tests.RepoService.TestPerson) HashMap(java.util.HashMap) Map(java.util.Map) Category(org.junit.experimental.categories.Category) Test(org.junit.Test)

Example 29 with TestNetwork

use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.

the class TaskWorkflowApiTest method testGetTaskVariablesAuthentication.

@Test
public void testGetTaskVariablesAuthentication() throws Exception {
    RequestContext requestContext = initApiClientWithTestUser();
    String initiator = getOtherPersonInNetwork(requestContext.getRunAsUser(), requestContext.getNetworkId()).getId();
    // Start process by one user and try to access the task variables as the task assignee instead of the process
    // initiator to see if the assignee is authorized to get the task
    ProcessInstance processInstance = startAdhocProcess(initiator, requestContext.getNetworkId(), null);
    try {
        Task task = activitiProcessEngine.getTaskService().createTaskQuery().processInstanceId(processInstance.getId()).singleResult();
        assertNotNull(task);
        TasksClient tasksClient = publicApiClient.tasksClient();
        // Try accessing task variables when NOT involved in the task
        try {
            tasksClient.findTaskVariables(task.getId());
            fail("Exception expected");
        } catch (PublicApiException expected) {
            assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
            assertErrorSummary("Permission was denied", expected.getHttpResponse());
        }
        // Set assignee, task variables should be accessible now
        activitiProcessEngine.getTaskService().setAssignee(task.getId(), requestContext.getRunAsUser());
        JSONObject jsonObject = tasksClient.findTaskVariables(task.getId());
        assertNotNull(jsonObject);
        // Fetching task variables as admin should be possible
        String tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + requestContext.getNetworkId();
        publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
        jsonObject = tasksClient.findTaskVariables(task.getId());
        assertNotNull(jsonObject);
        // Fetching the task variables as a admin from another tenant shouldn't be possible
        TestNetwork anotherNetwork = getOtherNetwork(requestContext.getNetworkId());
        tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + anotherNetwork.getId();
        publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
        try {
            tasksClient.findTaskVariables(task.getId());
            fail("Exception expected");
        } catch (PublicApiException expected) {
            assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
            assertErrorSummary("Permission was denied", expected.getHttpResponse());
        }
    } finally {
        cleanupProcessInstance(processInstance);
    }
}
Also used : PublicApiException(org.alfresco.rest.api.tests.client.PublicApiException) Task(org.activiti.engine.task.Task) JSONObject(org.json.simple.JSONObject) TasksClient(org.alfresco.rest.workflow.api.tests.WorkflowApiClient.TasksClient) TestNetwork(org.alfresco.rest.api.tests.RepoService.TestNetwork) ProcessInstance(org.activiti.engine.runtime.ProcessInstance) RequestContext(org.alfresco.rest.api.tests.client.RequestContext) Test(org.junit.Test)

Example 30 with TestNetwork

use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.

the class TaskWorkflowApiTest method testGetTasksAuthorization.

@Test
public void testGetTasksAuthorization() throws Exception {
    RequestContext requestContext = initApiClientWithTestUser();
    String initiator = getOtherPersonInNetwork(requestContext.getRunAsUser(), requestContext.getNetworkId()).getId();
    // Start process by one user and try to access the task as the task assignee instead of the process
    // initiator to see if the assignee is authorized to get the task
    ProcessInstance processInstance = startAdhocProcess(initiator, requestContext.getNetworkId(), null);
    try {
        Task task = activitiProcessEngine.getTaskService().createTaskQuery().processInstanceId(processInstance.getId()).singleResult();
        assertNotNull(task);
        TasksClient tasksClient = publicApiClient.tasksClient();
        Map<String, String> params = new HashMap<String, String>();
        params.put("processId", processInstance.getId());
        JSONObject resultingTasks = tasksClient.findTasks(params);
        assertNotNull(resultingTasks);
        JSONArray jsonEntries = (JSONArray) resultingTasks.get("entries");
        assertNotNull(jsonEntries);
        assertEquals(0, jsonEntries.size());
        // Set assignee, task should be in the result now
        activitiProcessEngine.getTaskService().setAssignee(task.getId(), requestContext.getRunAsUser());
        resultingTasks = tasksClient.findTasks(params);
        assertNotNull(resultingTasks);
        jsonEntries = (JSONArray) resultingTasks.get("entries");
        assertNotNull(jsonEntries);
        assertEquals(1, jsonEntries.size());
        // Fetching task as admin should be possible
        String tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + requestContext.getNetworkId();
        publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
        resultingTasks = tasksClient.findTasks(params);
        assertNotNull(resultingTasks);
        jsonEntries = (JSONArray) resultingTasks.get("entries");
        assertNotNull(jsonEntries);
        assertEquals(1, jsonEntries.size());
        // Fetching the task as a admin from another tenant shouldn't be possible
        TestNetwork anotherNetwork = getOtherNetwork(requestContext.getNetworkId());
        tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + anotherNetwork.getId();
        publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
        resultingTasks = tasksClient.findTasks(params);
        assertNotNull(resultingTasks);
        jsonEntries = (JSONArray) resultingTasks.get("entries");
        assertNotNull(jsonEntries);
        assertEquals(0, jsonEntries.size());
    } finally {
        cleanupProcessInstance(processInstance);
    }
}
Also used : Task(org.activiti.engine.task.Task) JSONObject(org.json.simple.JSONObject) HashMap(java.util.HashMap) TasksClient(org.alfresco.rest.workflow.api.tests.WorkflowApiClient.TasksClient) JSONArray(org.json.simple.JSONArray) TestNetwork(org.alfresco.rest.api.tests.RepoService.TestNetwork) ProcessInstance(org.activiti.engine.runtime.ProcessInstance) RequestContext(org.alfresco.rest.api.tests.client.RequestContext) Test(org.junit.Test)

Aggregations

TestNetwork (org.alfresco.rest.api.tests.RepoService.TestNetwork)65 Test (org.junit.Test)51 RequestContext (org.alfresco.rest.api.tests.client.RequestContext)50 PublicApiException (org.alfresco.rest.api.tests.client.PublicApiException)47 TestPerson (org.alfresco.rest.api.tests.RepoService.TestPerson)38 TestSite (org.alfresco.rest.api.tests.RepoService.TestSite)33 HashMap (java.util.HashMap)29 NodeRef (org.alfresco.service.cmr.repository.NodeRef)28 VersionableAspectTest (org.alfresco.repo.version.VersionableAspectTest)26 SiteInformation (org.alfresco.rest.api.tests.RepoService.SiteInformation)25 CmisSession (org.alfresco.rest.api.tests.client.PublicApiClient.CmisSession)23 CmisObjectNotFoundException (org.apache.chemistry.opencmis.commons.exceptions.CmisObjectNotFoundException)22 CmisUpdateConflictException (org.apache.chemistry.opencmis.commons.exceptions.CmisUpdateConflictException)22 CmisConstraintException (org.apache.chemistry.opencmis.commons.exceptions.CmisConstraintException)21 CmisInvalidArgumentException (org.apache.chemistry.opencmis.commons.exceptions.CmisInvalidArgumentException)21 CmisPermissionDeniedException (org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException)21 ArrayList (java.util.ArrayList)18 AlfrescoDocument (org.alfresco.cmis.client.AlfrescoDocument)18 AlfrescoFolder (org.alfresco.cmis.client.AlfrescoFolder)15 Document (org.apache.chemistry.opencmis.client.api.Document)15