use of org.alfresco.rest.api.tests.client.data.Document in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUploadToMyFiles.
/**
* Tests Multipart upload to user's home (a.k.a My Files).
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/-default-/public/alfresco/versions/1/nodes/<nodeId>/children}
*/
@Test
public void testUploadToMyFiles() throws Exception {
setRequestContext(user1);
// create folder f0
String folder0Name = "f0-testUploadToMyFiles-" + RUNID;
Folder folderResp = createFolder(Nodes.PATH_MY, folder0Name);
String f0Id = folderResp.getId();
final String fileName = "quick.pdf";
final File file = getResourceFile(fileName);
Paging paging = getPaging(0, Integer.MAX_VALUE);
HttpResponse response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
PublicApiClient.ExpectedPaging pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
final int numOfNodes = pagingResult.getCount();
MultiPartBuilder multiPartBuilder = MultiPartBuilder.create().setFileData(new FileData(fileName, file));
MultiPartRequest reqBody = multiPartBuilder.build();
// Try to upload into a non-existent folder
post(getNodeChildrenUrl(UUID.randomUUID().toString()), reqBody.getBody(), null, reqBody.getContentType(), 404);
// Upload
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName, document.getName());
ContentInfo contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_PDF, contentInfo.getMimeType());
// Default encoding
assertEquals("UTF-8", contentInfo.getEncoding());
// Check there is no path info returned.
// The path info should only be returned when it is requested via a include statement.
assertNull(document.getPath());
// Retrieve the uploaded file
response = getSingle(NodesEntityResource.class, document.getId(), null, 200);
document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(fileName, document.getName());
contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_PDF, contentInfo.getMimeType());
// Check 'get children' is confirming the upload
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals(numOfNodes + 1, pagingResult.getCount().intValue());
// Upload the same file again to check the name conflicts handling
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 409);
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals("Duplicate file name. The file shouldn't have been uploaded.", numOfNodes + 1, pagingResult.getCount().intValue());
// Set autoRename=true and upload the same file again
reqBody = MultiPartBuilder.copy(multiPartBuilder).setAutoRename(true).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals("quick-1.pdf", document.getName());
// upload the same file again, and request the path info to be present in the response
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), "?include=path", reqBody.getContentType(), 201);
document = jacksonUtil.parseEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals("quick-2.pdf", document.getName());
assertNotNull(document.getPath());
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals(numOfNodes + 3, pagingResult.getCount().intValue());
// upload without specifying content type or without overriding filename - hence guess mimetype and use file's name
final String fileName1 = "quick-1.txt";
final File file1 = getResourceFile(fileName1);
reqBody = MultiPartBuilder.create().setFileData(new FileData(null, file1)).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = jacksonUtil.parseEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName1, document.getName());
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, document.getContent().getMimeType());
// upload with "default" binary content type and override filename - hence guess mimetype & use overridden name
final String fileName2 = "quick-2.txt";
final String fileName2b = "quick-2b.txt";
final File file2 = getResourceFile(fileName2);
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2b, file2)).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = jacksonUtil.parseEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName2b, document.getName());
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, document.getContent().getMimeType());
response = getSingle(NodesEntityResource.class, Nodes.PATH_MY, null, 200);
Folder user1Home = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
// User2 tries to upload a new file into the user1's home folder.
setRequestContext(user2);
final File file3 = getResourceFile(fileName2);
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2, file3)).build();
post(getNodeChildrenUrl(user1Home.getId()), reqBody.getBody(), null, reqBody.getContentType(), 403);
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 403);
setRequestContext(user1);
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals("Access Denied. The file shouldn't have been uploaded.", numOfNodes + 5, pagingResult.getCount().intValue());
// User1 tries to upload a file into a document rather than a folder!
post(getNodeChildrenUrl(document.getId()), reqBody.getBody(), null, reqBody.getContentType(), 400);
// Try to upload a file without defining the required formData
reqBody = MultiPartBuilder.create().setAutoRename(true).build();
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 400);
// Test unsupported node type
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2, file2)).setAutoRename(true).setNodeType("cm:link").build();
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 400);
// User1 uploads a new file
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2, file2)).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName2, document.getName());
contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, contentInfo.getMimeType());
assertEquals("ISO-8859-1", contentInfo.getEncoding());
// Test content size limit
final SimpleFixedLimitProvider limitProvider = applicationContext.getBean("defaultContentLimitProvider", SimpleFixedLimitProvider.class);
final long defaultSizeLimit = limitProvider.getSizeLimit();
// 20 KB
limitProvider.setSizeLimitString("20000");
try {
// quick.pdf size is about 23 KB
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName, file)).setAutoRename(true).build();
// Try to upload a file larger than the configured size limit
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 413);
} finally {
limitProvider.setSizeLimitString(Long.toString(defaultSizeLimit));
}
}
use of org.alfresco.rest.api.tests.client.data.Document in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdatePermissionInvalidAccessStatus.
/**
* Test attempt to set permission with an invalid access status
*
* @throws Exception
*/
private void testUpdatePermissionInvalidAccessStatus() throws Exception {
// create folder with an empty document
String postUrl = createFolder();
String dId = createDocument(postUrl);
// update permissions
Document dUpdate = new Document();
NodePermissions nodePermissions = new NodePermissions();
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.CONSUMER, "InvalidAccessLevel"));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// "Cannot set permissions on this node - unknown access status:
// InvalidName"
put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 400);
}
use of org.alfresco.rest.api.tests.client.data.Document in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdatePermissionsOnNode.
/**
* Test update permission on a node
*
* @throws Exception
*/
private void testUpdatePermissionsOnNode() throws Exception {
// create folder with an empty document
String postUrl = createFolder();
String dId = createDocument(postUrl);
// update permissions
Document dUpdate = new Document();
NodePermissions nodePermissions = new NodePermissions();
List<NodePermissions.NodePermission> locallySetPermissions = new ArrayList<>();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.CONSUMER, AccessStatus.ALLOWED.toString()));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// update node
HttpResponse response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
validatePermissionsAfterUpdate(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), locallySetPermissions);
// Check permissions on node for user2 (part of groupB)
AuthenticationUtil.setRunAsUser(user2);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.CONSUMER) == AccessStatus.DENIED);
// Check permissions on node for user1 (part of groupA)
AuthenticationUtil.setRunAsUser(user1);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.CONSUMER) == AccessStatus.ALLOWED);
// add two groups with different permissions for each
locallySetPermissions.clear();
locallySetPermissions.add(new NodePermissions.NodePermission(groupA, PermissionService.EDITOR, AccessStatus.ALLOWED.toString()));
locallySetPermissions.add(new NodePermissions.NodePermission(groupB, PermissionService.CONSUMER, AccessStatus.ALLOWED.toString()));
nodePermissions.setLocallySet(locallySetPermissions);
dUpdate.setPermissions(nodePermissions);
// update node
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
validatePermissionsAfterUpdate(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), locallySetPermissions);
// Check permissions on node for user2 (part of groupB)
AuthenticationUtil.setRunAsUser(user2);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.CONSUMER) == AccessStatus.ALLOWED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.EDITOR) == AccessStatus.DENIED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.WRITE) == AccessStatus.DENIED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.READ) == AccessStatus.ALLOWED);
// Check permissions on node for user1 (part of groupA)
AuthenticationUtil.setRunAsUser(user1);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.EDITOR) == AccessStatus.ALLOWED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.WRITE) == AccessStatus.ALLOWED);
assertTrue(permissionService.hasPermission(new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, documentResp.getId()), PermissionService.READ) == AccessStatus.ALLOWED);
}
use of org.alfresco.rest.api.tests.client.data.Document in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUnlock.
/**
* Tests unlock of a node
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/-default-/public/alfresco/versions/1/nodes/<nodeId>/unlock}
*/
@Test
public void testUnlock() throws Exception {
setRequestContext(user1);
// create folder
Folder folderResp = createFolder(Nodes.PATH_MY, "folder" + RUNID);
String folderId = folderResp.getId();
// create doc d1
String d1Name = "content" + RUNID + "_1l";
Document d1 = createTextFile(folderId, d1Name, "The quick brown fox jumps over the lazy dog 1.");
String d1Id = d1.getId();
lock(d1Id, EMPTY_BODY);
HttpResponse response = post(getNodeOperationUrl(d1Id, "unlock"), null, null, 200);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(d1Name, documentResp.getName());
assertEquals(d1Id, documentResp.getId());
assertNull(documentResp.getProperties().get("cm:lockType"));
assertNull(documentResp.getProperties().get("cm:lockOwner"));
lock(d1Id, EMPTY_BODY);
// Users with admin rights can unlock nodes locked by other users.
setRequestContext(networkAdmin);
post(getNodeOperationUrl(d1Id, "unlock"), null, null, 200);
// -ve
// Missing target node
post(getNodeOperationUrl("fakeId", "unlock"), null, null, 404);
// Unlock by a user without permission
lock(d1Id, EMPTY_BODY);
setRequestContext(user2);
post(getNodeOperationUrl(d1Id, "unlock"), null, null, 403);
setRequestContext(user1);
// Unlock on a not locked node
post(getNodeOperationUrl(folderId, "unlock"), null, null, 422);
// clean up
// all locks were made by user1
setRequestContext(user1);
unlock(d1Id);
deleteNode(folderId);
}
use of org.alfresco.rest.api.tests.client.data.Document in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdateOwner.
/**
* Tests update owner (file or folder)
* <p>PUT:</p>
* {@literal <host>:<port>/alfresco/api/-default-/public/alfresco/versions/1/nodes/<nodeId>}
*/
@Test
public void testUpdateOwner() throws Exception {
setRequestContext(user1);
// create folder f0
String folderName = "f0-testUpdateOwner-" + RUNID;
Folder folderResp = createFolder(Nodes.PATH_SHARED, folderName);
String f0Id = folderResp.getId();
// owner is implied
assertNull(user1, folderResp.getProperties());
// explicitly set owner to oneself
Map<String, Object> props = new HashMap<>();
props.put(PROP_OWNER, user1);
Folder fUpdate = new Folder();
fUpdate.setProperties(props);
HttpResponse response = put(URL_NODES, f0Id, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(user1, ((Map) folderResp.getProperties().get(PROP_OWNER)).get("id"));
// create doc d1
String d1Name = "content1 " + RUNID;
String d1Id = createTextFile(f0Id, d1Name, "The quick brown fox jumps over the lazy dog.").getId();
// get node info
response = getSingle(NodesEntityResource.class, d1Id, null, 200);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// note: owner is implied
assertEquals(2, documentResp.getProperties().size());
assertEquals("1.0", documentResp.getProperties().get("cm:versionLabel"));
assertEquals("MAJOR", documentResp.getProperties().get("cm:versionType"));
props = new HashMap<>();
props.put(PROP_OWNER, user1);
Document dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, d1Id, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(user1, ((Map) documentResp.getProperties().get(PROP_OWNER)).get("id"));
// -ve test - cannot set owner to a nonexistent user
props = new HashMap<>();
props.put(PROP_OWNER, "unknownusernamedoesnotexist");
dUpdate = new Document();
dUpdate.setProperties(props);
put(URL_NODES, d1Id, toJsonAsStringNonNull(dUpdate), null, 400);
setRequestContext(user2);
response = getSingle(URL_NODES, d1Id, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(user1, ((Map) documentResp.getProperties().get(PROP_OWNER)).get("id"));
// -ve test - cannot take/change ownership
props = new HashMap<>();
props.put(PROP_OWNER, user2);
dUpdate = new Document();
dUpdate.setProperties(props);
put(URL_NODES, d1Id, toJsonAsStringNonNull(dUpdate), null, 403);
props = new HashMap<>();
props.put(PROP_OWNER, user1);
dUpdate = new Document();
dUpdate.setProperties(props);
put(URL_NODES, d1Id, toJsonAsStringNonNull(dUpdate), null, 403);
setRequestContext(user1);
props = new HashMap<>();
props.put(PROP_OWNER, user2);
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, d1Id, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(user2, ((Map) documentResp.getProperties().get(PROP_OWNER)).get("id"));
setRequestContext(user2);
response = getSingle(URL_NODES, d1Id, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(user2, ((Map) documentResp.getProperties().get(PROP_OWNER)).get("id"));
// -ve test - user2 cannot delete the test folder/file - TODO is that expected ?
setRequestContext(user2);
deleteNode(f0Id, 403);
setRequestContext(user1);
deleteNode(f0Id);
}
Aggregations