use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project alfresco-remote-api by Alfresco.
the class SiteServiceTest method testDeleteMembershipAsSiteAdmin.
public void testDeleteMembershipAsSiteAdmin() throws Exception {
// Create a site
String shortName = GUID.generate();
createSite("myPreset", shortName, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
// Build the JSON membership object
JSONObject membership = new JSONObject();
membership.put("role", SiteModel.SITE_CONSUMER);
JSONObject person = new JSONObject();
person.put("userName", USER_TWO);
membership.put("person", person);
// Post the membership
Response response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
JSONObject jsonObj = new JSONObject(response.getContentAsString());
// Check the result
assertEquals(SiteModel.SITE_CONSUMER, jsonObj.get("role"));
assertEquals(USER_TWO, jsonObj.getJSONObject("authority").get("userName"));
// try to delete user2 from the site
this.authenticationComponent.setCurrentUser(USER_THREE);
sendRequest(new DeleteRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS + "/" + USER_TWO), 500);
assertTrue(USER_THREE + " doesn’t have permission to delete users from the site", siteService.isMember(shortName, USER_TWO));
// set the current user as site-admin
this.authenticationComponent.setCurrentUser(USER_FOUR_AS_SITE_ADMIN);
sendRequest(new DeleteRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS + "/" + USER_TWO), 200);
assertFalse(siteService.isMember(shortName, USER_TWO));
}
use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project alfresco-remote-api by Alfresco.
the class SiteServiceTest method testGroupMembership.
public void testGroupMembership() throws Exception {
String testGroup = "SiteServiceTestGroupA";
String testGroupName = "GROUP_" + testGroup;
if (!authorityService.authorityExists(testGroupName)) {
this.authenticationComponent.setSystemUserAsCurrentUser();
testGroupName = authorityService.createAuthority(AuthorityType.GROUP, testGroup, testGroup, authorityService.getDefaultZones());
}
this.authenticationComponent.setCurrentUser(USER_ONE);
// CRUD a membership group for a web site
// Create a site
String shortName = GUID.generate();
createSite("myPreset", shortName, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
// Build the JSON membership object
JSONObject membership = new JSONObject();
membership.put("role", SiteModel.SITE_CONSUMER);
JSONObject group = new JSONObject();
group.put("fullName", testGroupName);
membership.put("group", group);
// Create a new group membership
{
Response response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
JSONObject newMember = new JSONObject(response.getContentAsString());
// Validate the return value
assertEquals("role not correct", SiteModel.SITE_CONSUMER, newMember.getString("role"));
JSONObject newGroup = newMember.getJSONObject("authority");
assertNotNull("newGroup");
assertEquals("full name not correct", testGroupName, newGroup.getString("fullName"));
assertEquals("authorityType not correct", "GROUP", newGroup.getString("authorityType"));
// Now send the returned value back with a new role (COLLABORATOR)
newMember.put("role", SiteModel.SITE_COLLABORATOR);
response = sendRequest(new PutRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, newMember.toString(), "application/json"), 200);
JSONObject updateResult = new JSONObject(response.getContentAsString());
assertEquals("role not correct", SiteModel.SITE_COLLABORATOR, updateResult.getString("role"));
}
// Now List membership to show the group from above.
{
Response response = sendRequest(new GetRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS), 200);
JSONArray listResult = new JSONArray(response.getContentAsString());
/**
* The result should have at least 2 elements, 1 for the user who created and 1 for the group added above
*/
assertTrue("result too small", listResult.length() >= 2);
for (int i = 0; i < listResult.length(); i++) {
JSONObject obj = listResult.getJSONObject(i);
JSONObject authority = obj.getJSONObject("authority");
if (authority.getString("authorityType").equals("GROUP")) {
assertEquals("full name not correct", testGroupName, authority.getString("fullName"));
}
if (authority.getString("authorityType").equals("USER")) {
assertEquals("full name not correct", USER_ONE, authority.getString("fullName"));
}
}
}
// Now get the group membership from above
// Now List membership to show the group from above.
{
Response response = sendRequest(new GetRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS + '/' + testGroupName), 200);
JSONObject getResult = new JSONObject(response.getContentAsString());
System.out.println(response.getContentAsString());
JSONObject grp = getResult.getJSONObject("authority");
assertEquals("full name not correct", testGroupName, grp.getString("fullName"));
}
// cleanup
if (authorityService.authorityExists(testGroupName)) {
this.authenticationComponent.setSystemUserAsCurrentUser();
authorityService.deleteAuthority(testGroupName);
}
}
use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project alfresco-remote-api by Alfresco.
the class SurfConfigTest method testSurfConfigPermissions.
// MNT-16371
public void testSurfConfigPermissions() throws Exception {
// Create a site as USER_ONE
String shortName = UUID.randomUUID().toString();
JSONObject result = createSite("myPreset", shortName, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
assertEquals("myPreset", result.get("sitePreset"));
assertEquals(shortName, result.get("shortName"));
assertEquals("myTitle", result.get("title"));
assertEquals("myDescription", result.get("description"));
assertEquals(SiteVisibility.PUBLIC.toString(), result.get("visibility"));
// Make ADMRemoteStore to create the surf-config folder and the dashboard.xml file.
sendRequest(new PostRequest(URL_ADM + "CREATE/alfresco/site-data/pages/site/" + shortName + "/dashboard.xml?s=sitestore", new JSONObject().toString(), "application/json"), 200);
// {siteName}/cm:surf-config/
NodeRef surfConfigFolderRef = nodeService.getChildByName(siteService.getSite(shortName).getNodeRef(), ContentModel.ASSOC_CONTAINS, "surf-config");
assertEquals("surf-config", nodeService.getProperty(surfConfigFolderRef, ContentModel.PROP_NAME));
String owner = (String) nodeService.getProperty(surfConfigFolderRef, ContentModel.PROP_OWNER);
assertFalse(USER_ONE.equalsIgnoreCase(owner));
assertEquals(AuthenticationUtil.getAdminUserName(), owner);
assertFalse("Inherit Permissions should be off.", permissionService.getInheritParentPermissions(surfConfigFolderRef));
Set<AccessPermission> permissions = permissionService.getAllSetPermissions(surfConfigFolderRef);
assertEquals(1, permissions.size());
String siteManagerGroup = siteService.getSiteRoleGroup(shortName, SiteModel.SITE_MANAGER);
AccessPermission accessPermission = permissions.iterator().next();
assertEquals(siteManagerGroup, accessPermission.getAuthority());
assertEquals(SiteModel.SITE_MANAGER, accessPermission.getPermission());
assertTrue(accessPermission.getAccessStatus() == AccessStatus.ALLOWED);
// This is the method that finally gets called when ALF-21643 steps are followed.
PagingResults<FileInfo> pageResults = fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
List<FileInfo> fileInfos = pageResults.getPage();
assertNotNull(fileInfos);
assertEquals(1, fileInfos.size());
// {siteName}/cm:surf-config/pages
assertEquals("pages", fileInfos.get(0).getName());
// Add USER_TWO as a site collaborator
JSONObject membership = new JSONObject();
membership.put("role", SiteModel.SITE_COLLABORATOR);
JSONObject person = new JSONObject();
person.put("userName", USER_TWO);
membership.put("person", person);
// Post the membership
Response response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
result = new JSONObject(response.getContentAsString());
assertEquals(SiteModel.SITE_COLLABORATOR, result.get("role"));
assertEquals(USER_TWO, result.getJSONObject("authority").get("userName"));
// Add USER_THREE as a site manager
membership.put("role", SiteModel.SITE_MANAGER);
person.put("userName", USER_THREE);
membership.put("person", person);
// Post the membership
response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
result = new JSONObject(response.getContentAsString());
assertEquals(SiteModel.SITE_MANAGER, result.get("role"));
assertEquals(USER_THREE, result.getJSONObject("authority").get("userName"));
// USER_TWO is a site collaborator so he should not be able to access the surf-config folder
AuthenticationUtil.setFullyAuthenticatedUser(USER_TWO);
try {
fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
fail("USER_TWO dose not have the appropriate permissions to perform this operation.");
} catch (AccessDeniedException ex) {
// expected
}
// USER_THREE is a site manager so he is able to access the surf-config folder
AuthenticationUtil.setFullyAuthenticatedUser(USER_THREE);
pageResults = fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
fileInfos = pageResults.getPage();
assertNotNull(fileInfos);
assertEquals(1, fileInfos.size());
// {siteName}/cm:surf-config/pages
assertEquals("pages", fileInfos.get(0).getName());
// Update USER_ONE role from SiteManager to SiteContributor.
membership.put("role", SiteModel.SITE_CONTRIBUTOR);
person.put("userName", USER_ONE);
membership.put("person", person);
response = sendRequest(new PutRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
result = new JSONObject(response.getContentAsString());
assertEquals(SiteModel.SITE_CONTRIBUTOR, result.get("role"));
assertEquals(USER_ONE, result.getJSONObject("authority").get("userName"));
// USER_ONE is no longer a site manager
// USER_ONE tries to access "{siteName}/cm:surf-config" children
AuthenticationUtil.setFullyAuthenticatedUser(USER_ONE);
try {
fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
fail("USER_ONE is not the owner and he is no longer a site manager, so does not have the appropriate permissions to perform this operation");
} catch (AccessDeniedException ex) {
// expected
}
// USER_ONE tries to access "{siteName}/cm:surf-config/pages" children
try {
fileFolderService.list(fileInfos.get(0).getNodeRef(), true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
fail("USER_ONE is not the owner and he is no longer a site manager, so does not have the appropriate permissions to perform this operation");
} catch (AccessDeniedException ex) {
// expected
}
}
use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project records-management by Alfresco.
the class RmRestApiTest method testExport.
public void testExport() throws Exception {
String exportUrl = "/api/rma/admin/export";
// define JSON POST body
JSONObject jsonPostData = new JSONObject();
JSONArray nodeRefs = new JSONArray();
nodeRefs.put(recordFolder.toString());
nodeRefs.put(recordFolder2.toString());
jsonPostData.put("nodeRefs", nodeRefs);
String jsonPostString = jsonPostData.toString();
// make the export request
Response rsp = sendRequest(new PostRequest(exportUrl, jsonPostString, APPLICATION_JSON), 200);
assertEquals("application/acp", rsp.getContentType());
}
use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project records-management by Alfresco.
the class RmRestApiTest method testPostReviewedAction.
public void testPostReviewedAction() throws IOException, JSONException {
NodeRef testRecord = utils.createRecord(recordFolder, "test.txt");
// In this test, this property has a date-value equal to the model import time.
Serializable pristineReviewAsOf = this.nodeService.getProperty(testRecord, PROP_REVIEW_AS_OF);
// Construct the JSON request for 'reviewed'.
String jsonString = new JSONStringer().object().key("name").value("reviewed").key("nodeRef").value(testRecord.toString()).key("params").object().key("param1").value("one").key("param2").value("two").endObject().endObject().toString();
// Submit the JSON request.
final int expectedStatus = 200;
Response rsp = sendRequest(new PostRequest(RMA_ACTIONS_URL, jsonString, APPLICATION_JSON), expectedStatus);
String rspContent = rsp.getContentAsString();
assertTrue(rspContent.contains("Successfully queued action [reviewed]"));
Serializable newReviewAsOfDate = this.nodeService.getProperty(testRecord, PROP_REVIEW_AS_OF);
assertFalse("The reviewAsOf property should have changed. Was " + pristineReviewAsOf, pristineReviewAsOf.equals(newReviewAsOfDate));
}
Aggregations