use of org.alfresco.util.Pair in project alfresco-remote-api by Alfresco.
the class TestCustomModel method testCreateBasicModel_Invalid.
@Test
public void testCreateBasicModel_Invalid() throws Exception {
String modelName = "testModel" + System.currentTimeMillis();
Pair<String, String> namespacePair = getTestNamespaceUriPrefixPair();
CustomModel customModel = new CustomModel();
customModel.setName(modelName);
customModel.setNamespaceUri(namespacePair.getFirst());
customModel.setNamespacePrefix(namespacePair.getSecond());
setRequestContext(customModelAdmin);
// Test invalid inputs
{
customModel.setName(modelName + "<script>alert('oops')</script>");
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setName("prefix:" + modelName);
// Invalid name. Contains ':'
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setName("prefix " + modelName);
// Invalid name. Contains space
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setName(modelName);
customModel.setNamespacePrefix(namespacePair.getSecond() + " space");
// Invalid prefix. Contains space
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setNamespacePrefix(namespacePair.getSecond() + "invalid/");
// Invalid prefix. Contains '/'
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setNamespacePrefix(namespacePair.getSecond());
customModel.setNamespaceUri(namespacePair.getFirst() + " space");
// Invalid URI. Contains space
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setNamespaceUri(namespacePair.getFirst() + "\\");
// Invalid URI. Contains '\'
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
}
// Test mandatory properties of the model
{
customModel.setName("");
customModel.setNamespacePrefix(namespacePair.getSecond());
customModel.setNamespaceUri(namespacePair.getFirst());
// name is mandatory
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setName(modelName);
customModel.setNamespaceUri(null);
// namespaceUri is mandatory
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
customModel.setName(modelName);
customModel.setNamespaceUri(namespacePair.getFirst());
customModel.setNamespacePrefix(null);
// namespacePrefix is mandatory
post("cmm", RestApiUtil.toJsonAsString(customModel), 400);
}
// Test duplicate model name
{
// Test create a model with the same name as the bootstrapped model
customModel.setName("contentmodel");
customModel.setNamespaceUri(namespacePair.getFirst());
customModel.setNamespacePrefix(namespacePair.getSecond());
post("cmm", RestApiUtil.toJsonAsString(customModel), 409);
// Create the model
customModel.setName(modelName);
post("cmm", RestApiUtil.toJsonAsString(customModel), 201);
// Create a duplicate model
// Set a new namespace to make sure the 409 status code is returned
// because of a name conflict rather than namespace URI
namespacePair = getTestNamespaceUriPrefixPair();
customModel.setNamespaceUri(namespacePair.getFirst());
customModel.setNamespacePrefix(namespacePair.getSecond());
post("cmm", RestApiUtil.toJsonAsString(customModel), 409);
}
// Test duplicate namespaceUri
{
String modelNameTwo = "testModelTwo" + System.currentTimeMillis();
Pair<String, String> namespacePairTwo = getTestNamespaceUriPrefixPair();
CustomModel customModelTwo = new CustomModel();
customModelTwo.setName(modelNameTwo);
customModelTwo.setNamespaceUri(namespacePairTwo.getFirst());
customModelTwo.setNamespacePrefix(namespacePairTwo.getSecond());
post("cmm", RestApiUtil.toJsonAsString(customModelTwo), 201);
String modelNameThree = "testModelThree" + System.currentTimeMillis();
Pair<String, String> namespacePairThree = getTestNamespaceUriPrefixPair();
CustomModel customModelThree = new CustomModel();
customModelThree.setName(modelNameThree);
// duplicate URI
customModelThree.setNamespaceUri(namespacePairTwo.getFirst());
customModelThree.setNamespacePrefix(namespacePairThree.getSecond());
// Try to create a model with a namespace uri which has already been used.
post("cmm", RestApiUtil.toJsonAsString(customModelThree), 409);
customModelThree.setNamespaceUri(namespacePairThree.getFirst());
// duplicate prefix
customModelThree.setNamespacePrefix(namespacePairTwo.getSecond());
// Try to create a model with a namespace prefix which has already been used.
post("cmm", RestApiUtil.toJsonAsString(customModelThree), 409);
}
}
use of org.alfresco.util.Pair in project alfresco-remote-api by Alfresco.
the class TestCustomModel method testDeactivateCustomModel.
@Test
public void testDeactivateCustomModel() throws Exception {
setRequestContext(customModelAdmin);
String modelNameOne = "testDeactivateModelOne" + System.currentTimeMillis();
Pair<String, String> namespacePair = getTestNamespaceUriPrefixPair();
// Create the model as a Model Administrator
CustomModel customModelOne = createCustomModel(modelNameOne, namespacePair, ModelStatus.ACTIVE, null, "Mark Moe");
// Retrieve the created model and check its status
HttpResponse response = getSingle("cmm", modelNameOne, 200);
CustomModel returnedModel = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), CustomModel.class);
assertEquals(ModelStatus.ACTIVE, returnedModel.getStatus());
// We only want to update the status (Deactivate), so ignore the other properties
CustomModel updatePayload = new CustomModel();
updatePayload.setStatus(ModelStatus.DRAFT);
setRequestContext(nonAdminUserName);
// Try to deactivate the model as a non Admin user
put("cmm", modelNameOne, RestApiUtil.toJsonAsString(updatePayload), SELECT_STATUS_QS, 403);
setRequestContext(customModelAdmin);
// Deactivate the model as a Model Administrator
put("cmm", modelNameOne, RestApiUtil.toJsonAsString(updatePayload), SELECT_STATUS_QS, 200);
response = getSingle("cmm", modelNameOne, 200);
returnedModel = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), CustomModel.class);
assertEquals(ModelStatus.DRAFT, returnedModel.getStatus());
// Check other properties have not been modified
compareCustomModels(customModelOne, returnedModel, "status");
// Try to deactivate the already deactivated model as a Model Administrator
put("cmm", modelNameOne, RestApiUtil.toJsonAsString(updatePayload), SELECT_STATUS_QS, 500);
// Activate/Deactivate a model with an aspect
{
// Create another Model
final String modelNameTwo = "testDeactivateModelTwo" + System.currentTimeMillis();
Pair<String, String> namespacePairTwo = getTestNamespaceUriPrefixPair();
CustomModel customModelTwo = createCustomModel(modelNameTwo, namespacePairTwo, ModelStatus.DRAFT, null, "Mark Moe");
// Aspect
CustomAspect aspect = new CustomAspect();
aspect.setName("testMarkerAspect");
post("cmm/" + modelNameTwo + "/aspects", RestApiUtil.toJsonAsString(aspect), 201);
// Retrieve the created aspect
getSingle("cmm/" + modelNameTwo + "/aspects", aspect.getName(), 200);
// Activate the model as a Model Administrator
customModelTwo.setStatus(ModelStatus.ACTIVE);
put("cmm", modelNameTwo, RestApiUtil.toJsonAsString(customModelTwo), SELECT_STATUS_QS, 200);
response = getSingle("cmm", modelNameTwo, 200);
returnedModel = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), CustomModel.class);
assertEquals(ModelStatus.ACTIVE, returnedModel.getStatus());
updatePayload = new CustomModel();
updatePayload.setStatus(ModelStatus.DRAFT);
// Deactivate the model as a Model Administrator
put("cmm", modelNameTwo, RestApiUtil.toJsonAsString(updatePayload), SELECT_STATUS_QS, 200);
response = getSingle("cmm", modelNameTwo, 200);
returnedModel = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), CustomModel.class);
assertEquals(ModelStatus.DRAFT, returnedModel.getStatus());
}
}
use of org.alfresco.util.Pair in project alfresco-remote-api by Alfresco.
the class ResourceLocatorTests method testGetEmbeddedResources.
@Test
public void testGetEmbeddedResources() {
Map<String, Pair<String, Method>> embeddded = ResourceInspector.findEmbeddedResources(Farmer.class);
assertNotNull(embeddded);
final Map<String, ResourceWithMetadata> results = new HashMap<String, ResourceWithMetadata>(embeddded.size());
for (Entry<String, Pair<String, Method>> embeddedEntry : embeddded.entrySet()) {
ResourceWithMetadata res = locator.locateEntityResource(api, embeddedEntry.getValue().getFirst(), HttpMethod.GET);
results.put(embeddedEntry.getKey(), res);
}
assertNotNull(results);
assertTrue(results.size() == 2);
assertTrue(SheepEntityResource.class.equals(results.get("sheep").getResource().getClass()));
Object goatResource = results.get("goat").getResource();
assertTrue(GoatEntityResource.class.equals(goatResource.getClass()));
}
use of org.alfresco.util.Pair in project records-management by Alfresco.
the class RMSecurityCommon method hasViewCapability.
/**
* Helper method to determine whether the current user has view capability on the file plan
*
* @param filePlan file plan
* @return {@link AccessStatus}
*/
private AccessStatus hasViewCapability(NodeRef filePlan) {
Map<Pair<String, NodeRef>, AccessStatus> transactionCache = TransactionalResourceHelper.getMap("rm.security.hasViewCapability");
Pair<String, NodeRef> key = new Pair<String, NodeRef>(AuthenticationUtil.getRunAsUser(), filePlan);
if (transactionCache.containsKey(key)) {
return transactionCache.get(key);
} else {
AccessStatus result = permissionService.hasPermission(filePlan, ViewRecordsCapability.NAME);
transactionCache.put(key, result);
return result;
}
}
use of org.alfresco.util.Pair in project records-management by Alfresco.
the class RMSecurityCommon method checkRmRead.
/**
* Core RM read check
*
* @param nodeRef node reference
* @return int see {@link AccessDecisionVoter}
*/
public int checkRmRead(NodeRef nodeRef) {
int result = AccessDecisionVoter.ACCESS_ABSTAIN;
Map<Pair<String, NodeRef>, Integer> transactionCache = TransactionalResourceHelper.getMap("rm.security.checkRMRead");
Pair<String, NodeRef> key = new Pair<String, NodeRef>(AuthenticationUtil.getRunAsUser(), nodeRef);
if (transactionCache.containsKey(key)) {
result = transactionCache.get(key);
} else {
if (permissionService.hasPermission(nodeRef, RMPermissionModel.READ_RECORDS) == AccessStatus.DENIED) {
if (logger.isDebugEnabled()) {
logger.debug("\t\tUser does not have read record permission on node, access denied. (nodeRef=" + nodeRef.toString() + ", user=" + AuthenticationUtil.getRunAsUser() + ")");
}
result = AccessDecisionVoter.ACCESS_DENIED;
} else {
// Get the file plan for the node
NodeRef filePlan = getFilePlanService().getFilePlan(nodeRef);
if (filePlan != null && hasViewCapability(filePlan) == AccessStatus.DENIED) {
if (logger.isDebugEnabled()) {
logger.debug("\t\tUser does not have view records capability permission on node, access denied. (filePlan=" + filePlan.toString() + ", user=" + AuthenticationUtil.getRunAsUser() + ")");
}
result = AccessDecisionVoter.ACCESS_DENIED;
} else if (!caveatConfigComponent.hasAccess(nodeRef)) {
result = AccessDecisionVoter.ACCESS_DENIED;
} else {
result = AccessDecisionVoter.ACCESS_GRANTED;
}
}
// cache result
transactionCache.put(key, result);
}
return result;
}
Aggregations