Search in sources :

Example 96 with PostRequest

use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project alfresco-remote-api by Alfresco.

the class SiteServiceTest method testDeleteMembershipAsSiteAdmin.

public void testDeleteMembershipAsSiteAdmin() throws Exception {
    // Create a site
    String shortName = GUID.generate();
    createSite("myPreset", shortName, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
    // Build the JSON membership object
    JSONObject membership = new JSONObject();
    membership.put("role", SiteModel.SITE_CONSUMER);
    JSONObject person = new JSONObject();
    person.put("userName", USER_TWO);
    membership.put("person", person);
    // Post the membership
    Response response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
    JSONObject jsonObj = new JSONObject(response.getContentAsString());
    // Check the result
    assertEquals(SiteModel.SITE_CONSUMER, jsonObj.get("role"));
    assertEquals(USER_TWO, jsonObj.getJSONObject("authority").get("userName"));
    // try to delete user2 from the site
    this.authenticationComponent.setCurrentUser(USER_THREE);
    sendRequest(new DeleteRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS + "/" + USER_TWO), 500);
    assertTrue(USER_THREE + " doesn’t have permission to delete users from the site", siteService.isMember(shortName, USER_TWO));
    // set the current user as site-admin
    this.authenticationComponent.setCurrentUser(USER_FOUR_AS_SITE_ADMIN);
    sendRequest(new DeleteRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS + "/" + USER_TWO), 200);
    assertFalse(siteService.isMember(shortName, USER_TWO));
}
Also used : Response(org.springframework.extensions.webscripts.TestWebScriptServer.Response) PostRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest) JSONObject(org.json.JSONObject) DeleteRequest(org.springframework.extensions.webscripts.TestWebScriptServer.DeleteRequest)

Example 97 with PostRequest

use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project alfresco-remote-api by Alfresco.

the class SiteServiceTest method testGroupMembership.

public void testGroupMembership() throws Exception {
    String testGroup = "SiteServiceTestGroupA";
    String testGroupName = "GROUP_" + testGroup;
    if (!authorityService.authorityExists(testGroupName)) {
        this.authenticationComponent.setSystemUserAsCurrentUser();
        testGroupName = authorityService.createAuthority(AuthorityType.GROUP, testGroup, testGroup, authorityService.getDefaultZones());
    }
    this.authenticationComponent.setCurrentUser(USER_ONE);
    // CRUD a membership group for a web site
    // Create a site
    String shortName = GUID.generate();
    createSite("myPreset", shortName, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
    // Build the JSON membership object
    JSONObject membership = new JSONObject();
    membership.put("role", SiteModel.SITE_CONSUMER);
    JSONObject group = new JSONObject();
    group.put("fullName", testGroupName);
    membership.put("group", group);
    // Create a new group membership
    {
        Response response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
        JSONObject newMember = new JSONObject(response.getContentAsString());
        // Validate the return value
        assertEquals("role not correct", SiteModel.SITE_CONSUMER, newMember.getString("role"));
        JSONObject newGroup = newMember.getJSONObject("authority");
        assertNotNull("newGroup");
        assertEquals("full name not correct", testGroupName, newGroup.getString("fullName"));
        assertEquals("authorityType not correct", "GROUP", newGroup.getString("authorityType"));
        // Now send the returned value back with a new role (COLLABORATOR)
        newMember.put("role", SiteModel.SITE_COLLABORATOR);
        response = sendRequest(new PutRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, newMember.toString(), "application/json"), 200);
        JSONObject updateResult = new JSONObject(response.getContentAsString());
        assertEquals("role not correct", SiteModel.SITE_COLLABORATOR, updateResult.getString("role"));
    }
    // Now List membership to show the group from above.
    {
        Response response = sendRequest(new GetRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS), 200);
        JSONArray listResult = new JSONArray(response.getContentAsString());
        /**
         * The result should have at least 2 elements, 1 for the user who created and 1 for the group added above
         */
        assertTrue("result too small", listResult.length() >= 2);
        for (int i = 0; i < listResult.length(); i++) {
            JSONObject obj = listResult.getJSONObject(i);
            JSONObject authority = obj.getJSONObject("authority");
            if (authority.getString("authorityType").equals("GROUP")) {
                assertEquals("full name not correct", testGroupName, authority.getString("fullName"));
            }
            if (authority.getString("authorityType").equals("USER")) {
                assertEquals("full name not correct", USER_ONE, authority.getString("fullName"));
            }
        }
    }
    // Now get the group membership from above
    // Now List membership to show the group from above.
    {
        Response response = sendRequest(new GetRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS + '/' + testGroupName), 200);
        JSONObject getResult = new JSONObject(response.getContentAsString());
        System.out.println(response.getContentAsString());
        JSONObject grp = getResult.getJSONObject("authority");
        assertEquals("full name not correct", testGroupName, grp.getString("fullName"));
    }
    // cleanup
    if (authorityService.authorityExists(testGroupName)) {
        this.authenticationComponent.setSystemUserAsCurrentUser();
        authorityService.deleteAuthority(testGroupName);
    }
}
Also used : Response(org.springframework.extensions.webscripts.TestWebScriptServer.Response) PostRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest) JSONObject(org.json.JSONObject) GetRequest(org.springframework.extensions.webscripts.TestWebScriptServer.GetRequest) JSONArray(org.json.JSONArray) PutRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PutRequest)

Example 98 with PostRequest

use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project alfresco-remote-api by Alfresco.

the class SurfConfigTest method testSurfConfigPermissions.

// MNT-16371
public void testSurfConfigPermissions() throws Exception {
    // Create a site as USER_ONE
    String shortName = UUID.randomUUID().toString();
    JSONObject result = createSite("myPreset", shortName, "myTitle", "myDescription", SiteVisibility.PUBLIC, 200);
    assertEquals("myPreset", result.get("sitePreset"));
    assertEquals(shortName, result.get("shortName"));
    assertEquals("myTitle", result.get("title"));
    assertEquals("myDescription", result.get("description"));
    assertEquals(SiteVisibility.PUBLIC.toString(), result.get("visibility"));
    // Make ADMRemoteStore to create the surf-config folder and the dashboard.xml file.
    sendRequest(new PostRequest(URL_ADM + "CREATE/alfresco/site-data/pages/site/" + shortName + "/dashboard.xml?s=sitestore", new JSONObject().toString(), "application/json"), 200);
    // {siteName}/cm:surf-config/
    NodeRef surfConfigFolderRef = nodeService.getChildByName(siteService.getSite(shortName).getNodeRef(), ContentModel.ASSOC_CONTAINS, "surf-config");
    assertEquals("surf-config", nodeService.getProperty(surfConfigFolderRef, ContentModel.PROP_NAME));
    String owner = (String) nodeService.getProperty(surfConfigFolderRef, ContentModel.PROP_OWNER);
    assertFalse(USER_ONE.equalsIgnoreCase(owner));
    assertEquals(AuthenticationUtil.getAdminUserName(), owner);
    assertFalse("Inherit Permissions should be off.", permissionService.getInheritParentPermissions(surfConfigFolderRef));
    Set<AccessPermission> permissions = permissionService.getAllSetPermissions(surfConfigFolderRef);
    assertEquals(1, permissions.size());
    String siteManagerGroup = siteService.getSiteRoleGroup(shortName, SiteModel.SITE_MANAGER);
    AccessPermission accessPermission = permissions.iterator().next();
    assertEquals(siteManagerGroup, accessPermission.getAuthority());
    assertEquals(SiteModel.SITE_MANAGER, accessPermission.getPermission());
    assertTrue(accessPermission.getAccessStatus() == AccessStatus.ALLOWED);
    // This is the method that finally gets called when ALF-21643 steps are followed.
    PagingResults<FileInfo> pageResults = fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
    List<FileInfo> fileInfos = pageResults.getPage();
    assertNotNull(fileInfos);
    assertEquals(1, fileInfos.size());
    // {siteName}/cm:surf-config/pages
    assertEquals("pages", fileInfos.get(0).getName());
    // Add USER_TWO as a site collaborator
    JSONObject membership = new JSONObject();
    membership.put("role", SiteModel.SITE_COLLABORATOR);
    JSONObject person = new JSONObject();
    person.put("userName", USER_TWO);
    membership.put("person", person);
    // Post the membership
    Response response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
    result = new JSONObject(response.getContentAsString());
    assertEquals(SiteModel.SITE_COLLABORATOR, result.get("role"));
    assertEquals(USER_TWO, result.getJSONObject("authority").get("userName"));
    // Add USER_THREE as a site manager
    membership.put("role", SiteModel.SITE_MANAGER);
    person.put("userName", USER_THREE);
    membership.put("person", person);
    // Post the membership
    response = sendRequest(new PostRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
    result = new JSONObject(response.getContentAsString());
    assertEquals(SiteModel.SITE_MANAGER, result.get("role"));
    assertEquals(USER_THREE, result.getJSONObject("authority").get("userName"));
    // USER_TWO is a site collaborator so he should not be able to access the surf-config folder
    AuthenticationUtil.setFullyAuthenticatedUser(USER_TWO);
    try {
        fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
        fail("USER_TWO dose not have the appropriate permissions to perform this operation.");
    } catch (AccessDeniedException ex) {
    // expected
    }
    // USER_THREE is a site manager so he is able to access the surf-config folder
    AuthenticationUtil.setFullyAuthenticatedUser(USER_THREE);
    pageResults = fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
    fileInfos = pageResults.getPage();
    assertNotNull(fileInfos);
    assertEquals(1, fileInfos.size());
    // {siteName}/cm:surf-config/pages
    assertEquals("pages", fileInfos.get(0).getName());
    // Update USER_ONE role from SiteManager to SiteContributor.
    membership.put("role", SiteModel.SITE_CONTRIBUTOR);
    person.put("userName", USER_ONE);
    membership.put("person", person);
    response = sendRequest(new PutRequest(URL_SITES + "/" + shortName + URL_MEMBERSHIPS, membership.toString(), "application/json"), 200);
    result = new JSONObject(response.getContentAsString());
    assertEquals(SiteModel.SITE_CONTRIBUTOR, result.get("role"));
    assertEquals(USER_ONE, result.getJSONObject("authority").get("userName"));
    // USER_ONE is no longer a site manager
    // USER_ONE tries to access "{siteName}/cm:surf-config" children
    AuthenticationUtil.setFullyAuthenticatedUser(USER_ONE);
    try {
        fileFolderService.list(surfConfigFolderRef, true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
        fail("USER_ONE is not the owner and he is no longer a site manager, so does not have the appropriate permissions to perform this operation");
    } catch (AccessDeniedException ex) {
    // expected
    }
    // USER_ONE tries to access "{siteName}/cm:surf-config/pages" children
    try {
        fileFolderService.list(fileInfos.get(0).getNodeRef(), true, true, null, null, null, new PagingRequest(CannedQueryPageDetails.DEFAULT_PAGE_SIZE));
        fail("USER_ONE is not the owner and he is no longer a site manager, so does not have the appropriate permissions to perform this operation");
    } catch (AccessDeniedException ex) {
    // expected
    }
}
Also used : AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) AccessPermission(org.alfresco.service.cmr.security.AccessPermission) PutRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PutRequest) PagingRequest(org.alfresco.query.PagingRequest) Response(org.springframework.extensions.webscripts.TestWebScriptServer.Response) NodeRef(org.alfresco.service.cmr.repository.NodeRef) PostRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest) JSONObject(org.json.JSONObject) FileInfo(org.alfresco.service.cmr.model.FileInfo)

Example 99 with PostRequest

use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project records-management by Alfresco.

the class RmRestApiTest method testExport.

public void testExport() throws Exception {
    String exportUrl = "/api/rma/admin/export";
    // define JSON POST body
    JSONObject jsonPostData = new JSONObject();
    JSONArray nodeRefs = new JSONArray();
    nodeRefs.put(recordFolder.toString());
    nodeRefs.put(recordFolder2.toString());
    jsonPostData.put("nodeRefs", nodeRefs);
    String jsonPostString = jsonPostData.toString();
    // make the export request
    Response rsp = sendRequest(new PostRequest(exportUrl, jsonPostString, APPLICATION_JSON), 200);
    assertEquals("application/acp", rsp.getContentType());
}
Also used : Response(org.springframework.extensions.webscripts.TestWebScriptServer.Response) PostRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest) JSONObject(org.json.JSONObject) JSONArray(org.json.JSONArray)

Example 100 with PostRequest

use of org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest in project records-management by Alfresco.

the class RmRestApiTest method testPostReviewedAction.

public void testPostReviewedAction() throws IOException, JSONException {
    NodeRef testRecord = utils.createRecord(recordFolder, "test.txt");
    // In this test, this property has a date-value equal to the model import time.
    Serializable pristineReviewAsOf = this.nodeService.getProperty(testRecord, PROP_REVIEW_AS_OF);
    // Construct the JSON request for 'reviewed'.
    String jsonString = new JSONStringer().object().key("name").value("reviewed").key("nodeRef").value(testRecord.toString()).key("params").object().key("param1").value("one").key("param2").value("two").endObject().endObject().toString();
    // Submit the JSON request.
    final int expectedStatus = 200;
    Response rsp = sendRequest(new PostRequest(RMA_ACTIONS_URL, jsonString, APPLICATION_JSON), expectedStatus);
    String rspContent = rsp.getContentAsString();
    assertTrue(rspContent.contains("Successfully queued action [reviewed]"));
    Serializable newReviewAsOfDate = this.nodeService.getProperty(testRecord, PROP_REVIEW_AS_OF);
    assertFalse("The reviewAsOf property should have changed. Was " + pristineReviewAsOf, pristineReviewAsOf.equals(newReviewAsOfDate));
}
Also used : Response(org.springframework.extensions.webscripts.TestWebScriptServer.Response) NodeRef(org.alfresco.service.cmr.repository.NodeRef) Serializable(java.io.Serializable) PostRequest(org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest) JSONStringer(org.json.JSONStringer)

Aggregations

PostRequest (org.springframework.extensions.webscripts.TestWebScriptServer.PostRequest)110 JSONObject (org.json.JSONObject)90 Response (org.springframework.extensions.webscripts.TestWebScriptServer.Response)84 JSONArray (org.json.JSONArray)28 GetRequest (org.springframework.extensions.webscripts.TestWebScriptServer.GetRequest)25 JSONTokener (org.json.JSONTokener)23 NodeRef (org.alfresco.service.cmr.repository.NodeRef)22 DeleteRequest (org.springframework.extensions.webscripts.TestWebScriptServer.DeleteRequest)14 PutRequest (org.springframework.extensions.webscripts.TestWebScriptServer.PutRequest)10 JSONStringer (org.json.JSONStringer)9 File (java.io.File)8 ZipFile (java.util.zip.ZipFile)8 ByteArrayOutputStream (java.io.ByteArrayOutputStream)5 JSONObject (org.json.simple.JSONObject)5 IOException (java.io.IOException)4 UserTransaction (javax.transaction.UserTransaction)4 FileInfo (org.alfresco.service.cmr.model.FileInfo)4 ChildAssociationRef (org.alfresco.service.cmr.repository.ChildAssociationRef)4 JSONException (org.json.JSONException)4 Serializable (java.io.Serializable)3