use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.
the class AbstractTestFixture method createTestData.
public void createTestData() {
for (final TestNetwork testAccount : getNetworks().values()) {
transactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() {
@SuppressWarnings("synthetic-access")
public Void execute() throws Throwable {
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName());
testAccount.create();
for (PersonInfo testPerson : people) {
testAccount.createUser(testPerson);
}
return null;
}
}, false, true);
transactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() {
@SuppressWarnings("synthetic-access")
public Void execute() throws Throwable {
// clear fully authenticated user ("admin") - affects site creation (which uses this to setup perms)
AuthenticationUtil.clearCurrentSecurityContext();
if (testAccount.getPersonIds().size() > 0) {
// use a fixed sample size of account members (so we have some left over for tests)
List<String> people = testAccount.peopleSample(testAccount.getPersonIds().size());
String tenantDomain = testAccount.getId();
int i = 0;
for (final SiteInformation site : getSites().values()) {
final Iterator<String> peopleIterator = RepoService.getWrappingIterator(i++, people);
final String siteCreator = peopleIterator.next();
assertNotNull(siteCreator);
TenantUtil.runAsUserTenant(new TenantRunAsWork<Void>() {
@Override
public Void doWork() throws Exception {
final TestSite testSite = testAccount.createSite(site);
// invite some members to the site, leave at least one non-site member
for (int j = 0; j < numMembersPerSite; j++) {
String siteMember = peopleIterator.next();
assertNotNull(siteMember);
testSite.inviteToSite(siteMember, SiteRole.SiteContributor);
}
return null;
}
}, siteCreator, tenantDomain);
}
}
return null;
}
}, false, true);
}
}
use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.
the class TaskWorkflowApiTest method testDeleteTaskVariableAuthentication.
@Test
public void testDeleteTaskVariableAuthentication() throws Exception {
RequestContext requestContext = initApiClientWithTestUser();
String initiator = getOtherPersonInNetwork(requestContext.getRunAsUser(), requestContext.getNetworkId()).getId();
// Start process by one user and try to access the task variables as the task assignee instead of the process
// initiator to see if the assignee is authorized to get the task
ProcessInstance processInstance = startAdhocProcess(initiator, requestContext.getNetworkId(), null);
try {
Task task = activitiProcessEngine.getTaskService().createTaskQuery().processInstanceId(processInstance.getId()).singleResult();
assertNotNull(task);
TasksClient tasksClient = publicApiClient.tasksClient();
activitiProcessEngine.getTaskService().setVariableLocal(task.getId(), "existingVariable", "Value");
// Try updating task variables when NOT involved in the task
try {
tasksClient.deleteTaskVariable(task.getId(), "existingVariable");
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
assertErrorSummary("Permission was denied", expected.getHttpResponse());
}
assertTrue(activitiProcessEngine.getTaskService().hasVariableLocal(task.getId(), "existingVariable"));
// Set assignee, task variables should be updatable now
activitiProcessEngine.getTaskService().setAssignee(task.getId(), requestContext.getRunAsUser());
tasksClient.deleteTaskVariable(task.getId(), "existingVariable");
assertFalse(activitiProcessEngine.getTaskService().hasVariableLocal(task.getId(), "existingVariable"));
activitiProcessEngine.getTaskService().setVariableLocal(task.getId(), "existingVariable", "Value");
// Updating task variables as admin should be possible
String tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + requestContext.getNetworkId();
publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
tasksClient.deleteTaskVariable(task.getId(), "existingVariable");
assertFalse(activitiProcessEngine.getTaskService().hasVariableLocal(task.getId(), "existingVariable"));
activitiProcessEngine.getTaskService().setVariableLocal(task.getId(), "existingVariable", "Value");
// Updating the task variables as a admin from another tenant shouldn't be possible
TestNetwork anotherNetwork = getOtherNetwork(requestContext.getNetworkId());
tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + anotherNetwork.getId();
publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
try {
tasksClient.deleteTaskVariable(task.getId(), "existingVariable");
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
assertErrorSummary("Permission was denied", expected.getHttpResponse());
}
} finally {
cleanupProcessInstance(processInstance);
}
}
use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.
the class TaskWorkflowApiTest method testUpdateTaskVariablesAuthentication.
@Test
@SuppressWarnings("unchecked")
public void testUpdateTaskVariablesAuthentication() throws Exception {
RequestContext requestContext = initApiClientWithTestUser();
String initiator = getOtherPersonInNetwork(requestContext.getRunAsUser(), requestContext.getNetworkId()).getId();
// Start process by one user and try to access the task variables as the task assignee instead of the process
// initiator to see if the assignee is authorized to get the task
ProcessInstance processInstance = startAdhocProcess(initiator, requestContext.getNetworkId(), null);
try {
JSONObject variableBody = new JSONObject();
variableBody.put("name", "newVariable");
variableBody.put("value", 1234);
variableBody.put("scope", "global");
Task task = activitiProcessEngine.getTaskService().createTaskQuery().processInstanceId(processInstance.getId()).singleResult();
assertNotNull(task);
TasksClient tasksClient = publicApiClient.tasksClient();
// Try updating task variables when NOT involved in the task
try {
tasksClient.updateTaskVariable(task.getId(), "newVariable", variableBody);
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
assertErrorSummary("Permission was denied", expected.getHttpResponse());
}
// Set assignee, task variables should be updatable now
activitiProcessEngine.getTaskService().setAssignee(task.getId(), requestContext.getRunAsUser());
JSONObject jsonObject = tasksClient.updateTaskVariable(task.getId(), "newVariable", variableBody);
assertNotNull(jsonObject);
// Updating task variables as admin should be possible
String tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + requestContext.getNetworkId();
publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
jsonObject = tasksClient.updateTaskVariable(task.getId(), "newVariable", variableBody);
assertNotNull(jsonObject);
// Updating the task variables as a admin from another tenant shouldn't be possible
TestNetwork anotherNetwork = getOtherNetwork(requestContext.getNetworkId());
tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + anotherNetwork.getId();
publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
try {
jsonObject = tasksClient.updateTaskVariable(task.getId(), "newVariable", variableBody);
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
assertErrorSummary("Permission was denied", expected.getHttpResponse());
}
} finally {
cleanupProcessInstance(processInstance);
}
}
use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.
the class TaskWorkflowApiTest method testGetTaskByIdAuthorization.
@Test
public void testGetTaskByIdAuthorization() throws Exception {
RequestContext requestContext = initApiClientWithTestUser();
String initiator = getOtherPersonInNetwork(requestContext.getRunAsUser(), requestContext.getNetworkId()).getId();
// Start process by one user and try to access the task as the task assignee instead of the process
// initiator to see if the assignee is authorized to get the task
ProcessInstance processInstance = startAdhocProcess(initiator, requestContext.getNetworkId(), null);
try {
Task task = activitiProcessEngine.getTaskService().createTaskQuery().processInstanceId(processInstance.getId()).singleResult();
assertNotNull(task);
TasksClient tasksClient = publicApiClient.tasksClient();
// Try accessing task when NOT involved in the task
try {
tasksClient.findTaskById(task.getId());
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
assertErrorSummary("Permission was denied", expected.getHttpResponse());
}
// Set assignee, task should be accessible now
activitiProcessEngine.getTaskService().setAssignee(task.getId(), requestContext.getRunAsUser());
JSONObject jsonObject = tasksClient.findTaskById(task.getId());
assertNotNull(jsonObject);
// Fetching task as admin should be possible
String tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + requestContext.getNetworkId();
publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
jsonObject = tasksClient.findTaskById(task.getId());
assertNotNull(jsonObject);
// Fetching the task as a admin from another tenant shouldn't be possible
TestNetwork anotherNetwork = getOtherNetwork(requestContext.getNetworkId());
tenantAdmin = AuthenticationUtil.getAdminUserName() + "@" + anotherNetwork.getId();
publicApiClient.setRequestContext(new RequestContext(TenantUtil.DEFAULT_TENANT, tenantAdmin));
try {
tasksClient.findTaskById(task.getId());
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.FORBIDDEN.value(), expected.getHttpResponse().getStatusCode());
assertErrorSummary("Permission was denied", expected.getHttpResponse());
}
} finally {
cleanupProcessInstance(processInstance);
}
}
use of org.alfresco.rest.api.tests.RepoService.TestNetwork in project alfresco-remote-api by Alfresco.
the class TestCMIS method testVersioning.
/**
* Test that updating properties does not automatically create a new version.
* Test that updating content creates a new version automatically.
*/
@Test
public void testVersioning() throws Exception {
final TestNetwork network1 = getTestFixture().getRandomNetwork();
String username = "user" + System.currentTimeMillis();
PersonInfo personInfo = new PersonInfo(username, username, username, TEST_PASSWORD, null, null, null, null, null, null, null);
TestPerson person1 = network1.createUser(personInfo);
String person1Id = person1.getId();
final String siteName = "site" + System.currentTimeMillis();
TenantUtil.runAsUserTenant(new TenantRunAsWork<NodeRef>() {
@Override
public NodeRef doWork() throws Exception {
SiteInformation siteInfo = new SiteInformation(siteName, siteName, siteName, SiteVisibility.PRIVATE);
TestSite site = repoService.createSite(null, siteInfo);
String name = GUID.generate();
NodeRef folderNodeRef = repoService.createFolder(site.getContainerNodeRef(DOCUMENT_LIBRARY_CONTAINER_NAME), name);
return folderNodeRef;
}
}, person1Id, network1.getId());
// Create a document...
publicApiClient.setRequestContext(new RequestContext(network1.getId(), person1Id));
CmisSession cmisSession = publicApiClient.createPublicApiCMISSession(Binding.atom, CMIS_VERSION_10, AlfrescoObjectFactoryImpl.class.getName());
AlfrescoFolder docLibrary = (AlfrescoFolder) cmisSession.getObjectByPath("/Sites/" + siteName + "/documentLibrary");
Map<String, String> properties = new HashMap<String, String>();
{
properties.put(PropertyIds.OBJECT_TYPE_ID, TYPE_CMIS_DOCUMENT);
properties.put(PropertyIds.NAME, "mydoc-" + GUID.generate() + ".txt");
}
ContentStreamImpl fileContent = new ContentStreamImpl();
{
ContentWriter writer = new FileContentWriter(TempFileProvider.createTempFile(GUID.generate(), ".txt"));
writer.putContent("Ipsum and so on");
ContentReader reader = writer.getReader();
fileContent.setMimeType(MimetypeMap.MIMETYPE_TEXT_PLAIN);
fileContent.setStream(reader.getContentInputStream());
}
AlfrescoDocument doc = (AlfrescoDocument) docLibrary.createDocument(properties, fileContent, VersioningState.MAJOR);
String versionLabel = doc.getVersionLabel();
// ...and check that updating its properties does not create a new version
properties = new HashMap<String, String>();
{
properties.put(PropertyIds.DESCRIPTION, GUID.generate());
}
AlfrescoDocument doc1 = (AlfrescoDocument) doc.updateProperties(properties);
doc1 = (AlfrescoDocument) doc1.getObjectOfLatestVersion(false);
String versionLabel1 = doc1.getVersionLabel();
assertTrue(Float.parseFloat(versionLabel) < Float.parseFloat(versionLabel1));
// ...and check that updating its content creates a new version
fileContent = new ContentStreamImpl();
{
ContentWriter writer = new FileContentWriter(TempFileProvider.createTempFile(GUID.generate(), ".txt"));
writer.putContent("Ipsum and so on and so on");
ContentReader reader = writer.getReader();
fileContent.setMimeType(MimetypeMap.MIMETYPE_TEXT_PLAIN);
fileContent.setStream(reader.getContentInputStream());
}
doc1.setContentStream(fileContent, true);
AlfrescoDocument doc2 = (AlfrescoDocument) doc1.getObjectOfLatestVersion(false);
@SuppressWarnings("unused") String versionLabel2 = doc2.getVersionLabel();
assertTrue("Set content stream should create a new version automatically", Float.parseFloat(versionLabel1) < Float.parseFloat(versionLabel2));
}
Aggregations