1 17 package org.alfresco.repo.security.permissions.impl; 18 19 import java.util.HashSet ; 20 import java.util.Set ; 21 22 import net.sf.acegisecurity.Authentication; 23 import net.sf.acegisecurity.GrantedAuthority; 24 25 import org.alfresco.model.ContentModel; 26 import org.alfresco.repo.security.permissions.PermissionEntry; 27 import org.alfresco.service.cmr.repository.NodeRef; 28 import org.alfresco.service.cmr.security.AccessPermission; 29 import org.alfresco.service.cmr.security.AccessStatus; 30 import org.alfresco.service.cmr.security.PermissionService; 31 import org.alfresco.service.namespace.QName; 32 33 public class PermissionServiceTest extends AbstractPermissionTest 34 { 35 public PermissionServiceTest() 36 { 37 super(); 38 } 40 41 public void testAuthenticatedRoleIsPresent() 42 { 43 runAs("andy"); 44 Authentication auth = authenticationComponent.getCurrentAuthentication(); 45 for (GrantedAuthority authority : auth.getAuthorities()) 46 { 47 if (authority.getAuthority().equals(ROLE_AUTHENTICATED)) 48 { 49 return; 50 } 51 } 52 fail("Missing role ROLE_AUTHENTICATED "); 53 } 54 55 56 57 public void testSetInheritFalse() 58 { 59 runAs("andy"); 60 permissionService.setInheritParentPermissions(rootNodeRef, false); 61 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 62 assertFalse(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 63 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 64 assertEquals(0, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 65 } 66 67 public void testSetInheritTrue() 68 { 69 runAs("andy"); 70 permissionService.setInheritParentPermissions(rootNodeRef, true); 71 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 72 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 73 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 74 assertEquals(0, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 75 76 permissionService.deletePermissions(permissionService.getSetPermissions(rootNodeRef)); 77 } 78 79 public void testAlterInherit() 80 { 81 runAs("andy"); 82 testSetInheritFalse(); 83 testSetInheritTrue(); 84 testSetInheritFalse(); 85 testSetInheritTrue(); 86 87 permissionService.deletePermissions(rootNodeRef); 88 } 90 91 public void testSetNodePermissionEntry() 92 { 93 runAs("andy"); 94 Set <SimplePermissionEntry> entries = new HashSet <SimplePermissionEntry>(); 95 entries.add(new SimplePermissionEntry(rootNodeRef, new SimplePermissionReference(QName.createQName("A", "B"), 96 "C"), "user-one", AccessStatus.ALLOWED)); 97 entries.add(new SimplePermissionEntry(rootNodeRef, permissionService.getAllPermissionReference(), "user-two", 98 AccessStatus.ALLOWED)); 99 entries.add(new SimplePermissionEntry(rootNodeRef, new SimplePermissionReference(QName.createQName("D", "E"), 100 "F"), permissionService.getAllAuthorities(), AccessStatus.ALLOWED)); 101 entries.add(new SimplePermissionEntry(rootNodeRef, permissionService.getAllPermissionReference(), 102 permissionService.getAllAuthorities(), AccessStatus.DENIED)); 103 104 SimpleNodePermissionEntry entry = new SimpleNodePermissionEntry(rootNodeRef, false, entries); 105 106 permissionService.setPermission(entry); 107 108 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 109 assertFalse(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 110 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 111 assertEquals(4, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 112 } 113 114 public void testSetNodePermissionEntry2() 115 { 116 Set <SimplePermissionEntry> entries = new HashSet <SimplePermissionEntry>(); 117 entries.add(new SimplePermissionEntry(rootNodeRef, permissionService.getAllPermissionReference(), 118 permissionService.getAllAuthorities(), AccessStatus.ALLOWED)); 119 120 SimpleNodePermissionEntry entry = new SimpleNodePermissionEntry(rootNodeRef, false, entries); 121 122 permissionService.setPermission(entry); 123 124 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 125 assertFalse(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 126 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 127 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 128 } 129 130 public void testAlterNodePermissions() 131 { 132 testSetNodePermissionEntry(); 133 testSetNodePermissionEntry2(); 134 testSetNodePermissionEntry(); 135 testSetNodePermissionEntry2(); 136 } 137 138 public void testSetPermissionEntryElements() 139 { 140 permissionService.setPermission(rootNodeRef, "andy", permissionService.getAllPermission(), true); 141 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 142 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 143 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 144 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 145 for (PermissionEntry pe : permissionService.getSetPermissions(rootNodeRef).getPermissionEntries()) 146 { 147 assertEquals("andy", pe.getAuthority()); 148 assertTrue(pe.isAllowed()); 149 assertTrue(pe.getPermissionReference().getQName().equals( 150 permissionService.getAllPermissionReference().getQName())); 151 assertTrue(pe.getPermissionReference().getName().equals( 152 permissionService.getAllPermissionReference().getName())); 153 assertEquals(rootNodeRef, pe.getNodeRef()); 154 } 155 156 158 permissionService.setPermission(rootNodeRef, "andy", permissionService.getAllPermission(), true); 159 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 160 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 161 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 162 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 163 164 166 permissionService.setPermission(rootNodeRef, "other", permissionService.getAllPermission(), true); 167 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 168 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 169 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 170 assertEquals(2, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 171 172 174 permissionService.setPermission(rootNodeRef, "andy", permissionService.getAllPermission(), false); 175 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 176 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 177 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 178 assertEquals(3, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 179 180 182 permissionService.setPermission(rootNodeRef, "andy", PermissionService.READ, false); 183 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 184 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 185 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 186 assertEquals(4, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 187 188 190 permissionService.deletePermission(rootNodeRef, "andy", PermissionService.READ, false); 191 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 192 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 193 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 194 assertEquals(3, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 195 196 permissionService.deletePermission(rootNodeRef, "andy", permissionService.getAllPermission(), false); 197 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 198 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 199 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 200 assertEquals(2, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 201 202 permissionService.deletePermission(rootNodeRef, "other", permissionService.getAllPermission(), true); 203 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 204 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 205 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 206 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 207 208 permissionService.deletePermission(rootNodeRef, "andy", permissionService.getAllPermission(), true); 209 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 210 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 211 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 212 assertEquals(0, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 213 214 } 215 216 public void testSetPermissionEntry() 217 { 218 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 219 .getAllPermissionReference(), "andy", AccessStatus.ALLOWED)); 220 permissionService.setPermission(rootNodeRef, "andy", permissionService.getAllPermission(), true); 221 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 222 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 223 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 224 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 225 for (PermissionEntry pe : permissionService.getSetPermissions(rootNodeRef).getPermissionEntries()) 226 { 227 assertEquals("andy", pe.getAuthority()); 228 assertTrue(pe.isAllowed()); 229 assertTrue(pe.getPermissionReference().getQName().equals( 230 permissionService.getAllPermissionReference().getQName())); 231 assertTrue(pe.getPermissionReference().getName().equals( 232 permissionService.getAllPermissionReference().getName())); 233 assertEquals(rootNodeRef, pe.getNodeRef()); 234 } 235 236 238 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 239 .getAllPermissionReference(), "andy", AccessStatus.ALLOWED)); 240 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 241 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 242 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 243 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 244 245 247 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 248 .getAllPermissionReference(), "other", AccessStatus.ALLOWED)); 249 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 250 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 251 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 252 assertEquals(2, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 253 254 256 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 257 .getAllPermissionReference(), "andy", AccessStatus.DENIED)); 258 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 259 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 260 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 261 assertEquals(3, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 262 263 265 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, new SimplePermissionReference(QName 266 .createQName("A", "B"), "C"), "andy", AccessStatus.DENIED)); 267 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 268 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 269 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 270 assertEquals(4, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 271 272 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, new SimplePermissionReference(QName 273 .createQName("A", "B"), "C"), "andy", AccessStatus.DENIED)); 274 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 275 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 276 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 277 assertEquals(3, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 278 279 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, permissionService 280 .getAllPermissionReference(), "andy", AccessStatus.DENIED)); 281 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 282 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 283 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 284 assertEquals(2, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 285 286 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, permissionService 287 .getAllPermissionReference(), "other", AccessStatus.ALLOWED)); 288 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 289 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 290 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 291 assertEquals(1, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 292 293 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, permissionService 294 .getAllPermissionReference(), "andy", AccessStatus.ALLOWED)); 295 assertNotNull(permissionService.getSetPermissions(rootNodeRef)); 296 assertTrue(permissionService.getSetPermissions(rootNodeRef).inheritPermissions()); 297 assertEquals(rootNodeRef, permissionService.getSetPermissions(rootNodeRef).getNodeRef()); 298 assertEquals(0, permissionService.getSetPermissions(rootNodeRef).getPermissionEntries().size()); 299 } 300 301 public void testGetSettablePermissionsForType() 302 { 303 Set <String > answer = permissionService.getSettablePermissions(QName.createQName("sys", "base", 304 namespacePrefixResolver)); 305 assertEquals(17, answer.size()); 306 307 answer = permissionService.getSettablePermissions(QName.createQName("cm", "ownable", namespacePrefixResolver)); 308 assertEquals(0, answer.size()); 309 310 answer = permissionService.getSettablePermissions(QName.createQName("cm", "content", namespacePrefixResolver)); 311 assertEquals(5, answer.size()); 312 313 answer = permissionService.getSettablePermissions(QName.createQName("cm", "folder", namespacePrefixResolver)); 314 assertEquals(5, answer.size()); 315 } 316 317 public void testGetSettablePermissionsForNode() 318 { 319 QName ownable = QName.createQName("cm", "ownable", namespacePrefixResolver); 320 321 Set <String > answer = permissionService.getSettablePermissions(rootNodeRef); 322 assertEquals(21, answer.size()); 323 324 nodeService.addAspect(rootNodeRef, ownable, null); 325 answer = permissionService.getSettablePermissions(rootNodeRef); 326 assertEquals(21, answer.size()); 327 328 nodeService.removeAspect(rootNodeRef, ownable); 329 answer = permissionService.getSettablePermissions(rootNodeRef); 330 assertEquals(21, answer.size()); 331 } 332 333 public void testSimplePermissionOnRoot() 334 { 335 runAs("andy"); 336 337 assertEquals(21, permissionService.getPermissions(rootNodeRef).size()); 338 assertEquals(0, countGranted(permissionService.getPermissions(rootNodeRef))); 339 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 340 341 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 342 runAs("lemur"); 343 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 344 345 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 346 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 347 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 348 runAs("andy"); 349 350 assertEquals(21, permissionService.getPermissions(rootNodeRef).size()); 351 assertEquals(1, countGranted(permissionService.getPermissions(rootNodeRef))); 352 353 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 354 runAs("lemur"); 355 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 356 357 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 358 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 359 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 360 runAs("andy"); 361 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 362 runAs("lemur"); 363 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 364 365 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 366 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 367 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 368 runAs("andy"); 369 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 370 runAs("lemur"); 371 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 372 373 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 374 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 375 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 376 runAs("andy"); 377 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 378 runAs("lemur"); 379 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 380 381 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 382 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 383 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 384 runAs("andy"); 385 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 386 runAs("lemur"); 387 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 388 389 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 390 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 391 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 392 runAs("andy"); 393 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 394 runAs("lemur"); 395 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 396 397 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 398 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 399 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 400 runAs("andy"); 401 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 402 runAs("lemur"); 403 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 404 } 405 406 private int countGranted(Set <AccessPermission> permissions) 407 { 408 int count = 0; 409 for (AccessPermission ap : permissions) 410 { 411 if (ap.getAccessStatus() == AccessStatus.ALLOWED) 412 { 413 count++; 414 } 415 } 416 return count; 417 } 418 419 public void testGlobalPermissionsForAdmin() 420 { 421 runAs("admin"); 422 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 423 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 424 425 NodeRef n2 = nodeService.createNode(n1, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}two"), 426 ContentModel.TYPE_CONTENT).getChildRef(); 427 428 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 429 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 430 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 431 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 432 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 433 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 434 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 435 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 436 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 437 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 438 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 439 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 440 441 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 442 "admin", AccessStatus.DENIED)); 443 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 444 getPermission(PermissionService.READ_PROPERTIES), "admin", AccessStatus.DENIED)); 445 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 446 getPermission(PermissionService.READ_CHILDREN), "admin", AccessStatus.DENIED)); 447 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 448 getPermission(PermissionService.READ_CONTENT), "admin", AccessStatus.DENIED)); 449 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 450 getPermission(PermissionService.ALL_PERMISSIONS), "admin", AccessStatus.DENIED)); 451 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 452 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 453 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 454 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 455 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 456 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 457 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 458 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 459 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 460 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 461 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 462 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 463 } 464 465 public void testPermissionGroupOnRoot() 466 { 467 runAs("andy"); 468 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 469 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 470 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 471 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 472 runAs("lemur"); 473 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 474 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 475 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 476 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 477 478 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 479 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 480 "andy", AccessStatus.ALLOWED)); 481 runAs("andy"); 482 483 assertEquals(21, permissionService.getPermissions(rootNodeRef).size()); 484 assertEquals(3, countGranted(permissionService.getPermissions(rootNodeRef))); 485 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 486 487 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 488 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 489 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 490 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 491 runAs("lemur"); 492 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 493 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 494 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 495 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 496 497 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 498 "andy", AccessStatus.DENIED)); 499 runAs("andy"); 500 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 501 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 502 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 503 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 504 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 505 runAs("lemur"); 506 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 507 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 508 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 509 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 510 511 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 512 "andy", AccessStatus.ALLOWED)); 513 runAs("andy"); 514 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 515 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 516 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 517 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 518 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 519 runAs("lemur"); 520 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 521 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 522 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 523 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 524 525 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 526 "andy", AccessStatus.DENIED)); 527 runAs("andy"); 528 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 529 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 530 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 531 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 532 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 533 runAs("lemur"); 534 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 535 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 536 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 537 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 538 539 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 540 "andy", AccessStatus.ALLOWED)); 541 runAs("andy"); 542 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 543 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 544 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 545 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 546 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 547 runAs("lemur"); 548 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 549 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 550 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 551 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 552 553 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 554 getPermission(PermissionService.READ), "andy", AccessStatus.DENIED)); 555 runAs("andy"); 556 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 557 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 558 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 559 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 560 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 561 runAs("lemur"); 562 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 563 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 564 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 565 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 566 567 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 568 getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED)); 569 runAs("andy"); 570 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 571 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 572 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 573 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 574 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 575 runAs("lemur"); 576 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 577 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 578 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 579 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 580 runAs("andy"); 581 } 582 583 public void testSimplePermissionSimpleInheritance() 584 { 585 runAs("admin"); 586 587 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 588 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 589 590 runAs("andy"); 591 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 592 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 593 runAs("lemur"); 594 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 595 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 596 597 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 598 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 599 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 600 runAs("andy"); 601 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 602 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 603 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 606 runAs("lemur"); 607 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 608 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 609 610 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 611 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 612 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 613 runAs("andy"); 614 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 615 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 616 runAs("lemur"); 617 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 618 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 619 620 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 621 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 622 assertEquals(3, permissionService.getAllSetPermissions(rootNodeRef).size()); 623 runAs("andy"); 624 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 625 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 626 runAs("lemur"); 627 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 628 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 629 630 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 631 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 632 assertEquals(3, permissionService.getAllSetPermissions(rootNodeRef).size()); 633 runAs("andy"); 634 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 635 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 636 runAs("lemur"); 637 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 638 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 639 640 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 641 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 642 assertEquals(3, permissionService.getAllSetPermissions(rootNodeRef).size()); 643 runAs("andy"); 644 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 645 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 646 runAs("lemur"); 647 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 648 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 649 650 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 651 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 652 assertEquals(3, permissionService.getAllSetPermissions(rootNodeRef).size()); 653 runAs("andy"); 654 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 655 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 656 runAs("lemur"); 657 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 658 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 659 660 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 661 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 662 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 663 runAs("andy"); 664 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 665 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 666 runAs("lemur"); 667 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 668 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 669 670 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 671 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 672 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 673 runAs("andy"); 674 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 675 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 676 runAs("lemur"); 677 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 678 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 679 } 680 681 public void testPermissionGroupSimpleInheritance() 682 { 683 runAs("admin"); 684 685 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 686 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 687 688 runAs("andy"); 689 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 690 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 691 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 692 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 693 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 694 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 695 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 696 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 697 runAs("lemur"); 698 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 699 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 700 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 701 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 702 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 703 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 704 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 705 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 706 707 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 708 "andy", AccessStatus.ALLOWED)); 709 runAs("andy"); 710 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 711 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 712 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 713 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 714 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 715 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 716 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 717 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 718 runAs("lemur"); 719 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 720 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 721 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 722 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 723 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 724 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 725 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 726 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 727 728 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 729 "andy", AccessStatus.DENIED)); 730 runAs("andy"); 731 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 732 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 733 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 734 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 735 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 736 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 737 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 738 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 739 runAs("lemur"); 740 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 741 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 742 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 743 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 744 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 745 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 746 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 747 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 748 749 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 750 "andy", AccessStatus.ALLOWED)); 751 runAs("andy"); 752 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 753 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 754 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 755 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 756 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 757 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 758 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 759 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 760 runAs("lemur"); 761 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 762 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 763 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 764 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 765 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 766 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 767 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 768 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 769 770 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 771 "andy", AccessStatus.DENIED)); 772 runAs("andy"); 773 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 774 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 775 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 776 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 777 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 778 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 779 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 780 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 781 runAs("lemur"); 782 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 783 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 784 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 785 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 786 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 787 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 788 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 789 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 790 791 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 792 "andy", AccessStatus.ALLOWED)); 793 runAs("andy"); 794 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 795 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 796 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 797 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 798 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 799 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 800 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 801 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 802 runAs("lemur"); 803 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 804 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 805 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 806 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 807 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 808 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 809 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 810 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 811 812 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 813 getPermission(PermissionService.READ), "andy", AccessStatus.DENIED)); 814 runAs("andy"); 815 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 816 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 817 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 818 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 819 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 820 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 821 assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 822 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 823 runAs("lemur"); 824 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 825 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 826 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 827 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 828 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 829 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 830 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 831 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 832 833 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 834 getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED)); 835 runAs("andy"); 836 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 837 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 838 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 839 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 840 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 841 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 842 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 843 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 844 runAs("lemur"); 845 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 846 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 847 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 848 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 849 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 850 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 851 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 852 assertFalse(permissionService.hasPermission(n1, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 853 } 854 855 public void testDenySimplePermisionOnRootNode() 856 { 857 runAs("andy"); 858 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 859 runAs("lemur"); 860 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 861 862 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 863 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 864 runAs("andy"); 865 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 866 runAs("lemur"); 867 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 868 869 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 870 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 871 runAs("andy"); 872 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 873 runAs("lemur"); 874 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 875 876 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 877 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 878 runAs("andy"); 879 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 880 runAs("lemur"); 881 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 882 883 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 884 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 885 runAs("andy"); 886 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 887 runAs("lemur"); 888 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 889 } 890 891 public void testDenyPermissionOnRootNOde() 892 { 893 894 runAs("andy"); 895 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 896 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 897 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 898 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 899 runAs("lemur"); 900 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 901 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 902 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 903 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 904 905 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 906 "andy", AccessStatus.ALLOWED)); 907 runAs("andy"); 908 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 909 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 910 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 911 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 912 runAs("lemur"); 913 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 914 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 915 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 916 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 917 918 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 919 "andy", AccessStatus.DENIED)); 920 runAs("andy"); 921 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 922 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 923 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 924 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 925 runAs("lemur"); 926 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 927 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 928 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 929 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 930 931 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 932 getPermission(PermissionService.READ), "andy", AccessStatus.DENIED)); 933 runAs("andy"); 934 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 935 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 936 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 937 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 938 runAs("lemur"); 939 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 940 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 941 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 942 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 943 944 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 945 getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED)); 946 runAs("andy"); 947 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 948 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 949 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 950 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 951 runAs("lemur"); 952 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 953 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 954 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 955 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 956 } 957 958 public void testComplexDenyOnRootNode() 959 { 960 961 runAs("andy"); 962 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 963 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 964 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 965 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 966 runAs("lemur"); 967 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 968 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 969 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 970 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 971 972 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 973 "andy", AccessStatus.ALLOWED)); 974 runAs("andy"); 975 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 976 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 977 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 978 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 979 runAs("lemur"); 980 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 981 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 982 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 983 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 984 985 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 986 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 987 runAs("andy"); 988 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 989 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 990 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 991 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 992 runAs("lemur"); 993 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 994 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 995 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 996 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 997 998 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 999 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1000 runAs("andy"); 1001 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1002 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1003 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1004 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1005 runAs("lemur"); 1006 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1007 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1008 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1009 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1010 1011 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1012 "andy", AccessStatus.DENIED)); 1013 runAs("andy"); 1014 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1015 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1016 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1017 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1018 runAs("lemur"); 1019 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1020 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1021 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1022 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1023 } 1024 1025 public void testPerf() throws Exception 1026 { 1027 runAs("admin"); 1028 1029 1033 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 1034 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 1035 NodeRef n2 = nodeService.createNode(n1, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}two"), 1036 ContentModel.TYPE_FOLDER).getChildRef(); 1037 NodeRef n3 = nodeService.createNode(n2, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}three"), 1038 ContentModel.TYPE_FOLDER).getChildRef(); 1039 NodeRef n4 = nodeService.createNode(n3, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}four"), 1040 ContentModel.TYPE_FOLDER).getChildRef(); 1041 NodeRef n5 = nodeService.createNode(n4, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}five"), 1042 ContentModel.TYPE_FOLDER).getChildRef(); 1043 NodeRef n6 = nodeService.createNode(n5, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}six"), 1044 ContentModel.TYPE_FOLDER).getChildRef(); 1045 NodeRef n7 = nodeService.createNode(n6, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}seven"), 1046 ContentModel.TYPE_FOLDER).getChildRef(); 1047 NodeRef n8 = nodeService.createNode(n7, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}eight"), 1048 ContentModel.TYPE_FOLDER).getChildRef(); 1049 NodeRef n9 = nodeService.createNode(n8, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}nine"), 1050 ContentModel.TYPE_FOLDER).getChildRef(); 1051 NodeRef n10 = nodeService.createNode(n9, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}ten"), 1052 ContentModel.TYPE_FOLDER).getChildRef(); 1053 1054 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1055 "andy", AccessStatus.ALLOWED)); 1056 1063 long start; 1064 long end; 1065 long time = 0; 1066 for (int i = 0; i < 1000; i++) 1067 { 1068 getSession().flush(); 1069 start = System.nanoTime(); 1071 assertTrue(permissionService.hasPermission(n10, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1072 end = System.nanoTime(); 1073 time += (end - start); 1074 } 1075 System.out.println("Time is " + (time / 1000000000.0)); 1076 1078 time = 0; 1079 for (int i = 0; i < 1000; i++) 1080 { 1081 start = System.nanoTime(); 1082 assertTrue(permissionService.hasPermission(n10, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1083 end = System.nanoTime(); 1084 time += (end - start); 1085 } 1086 System.out.println("Time is " + (time / 1000000000.0)); 1087 1089 } 1091 1092 public void testAllPermissions() 1093 { 1094 runAs("andy"); 1095 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1096 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1097 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1098 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1099 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1100 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1101 assertFalse(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1102 runAs("lemur"); 1103 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1104 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1105 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1106 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1107 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1108 1109 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 1110 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 1111 .getAllPermissionReference(), "andy", AccessStatus.ALLOWED)); 1112 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 1113 runAs("andy"); 1114 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1115 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1116 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1117 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1118 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1119 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1120 assertTrue(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1121 runAs("lemur"); 1122 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1123 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1124 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1125 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1126 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1127 1128 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1129 "andy", AccessStatus.DENIED)); 1130 runAs("andy"); 1131 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 1132 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1133 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1134 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1135 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1136 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1137 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1138 assertFalse(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1139 runAs("lemur"); 1140 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1141 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1142 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1143 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1144 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1145 1146 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 1147 .getAllPermissionReference(), "andy", AccessStatus.DENIED)); 1148 assertEquals(3, permissionService.getAllSetPermissions(rootNodeRef).size()); 1149 runAs("andy"); 1150 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1151 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1152 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1153 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1154 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1155 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1156 assertFalse(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1157 runAs("lemur"); 1158 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1159 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1160 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1161 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1162 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1163 1164 } 1165 1166 1167 public void testOldAllPermissions() 1168 { 1169 runAs("andy"); 1170 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1171 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1172 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1173 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1174 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1175 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1176 assertFalse(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1177 runAs("lemur"); 1178 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1179 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1180 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1181 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1182 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1183 1184 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 1185 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE, "andy", AccessStatus.ALLOWED)); 1186 assertEquals(1, permissionService.getAllSetPermissions(rootNodeRef).size()); 1187 runAs("andy"); 1188 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1189 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1190 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1191 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1192 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1193 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1194 assertTrue(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1195 runAs("lemur"); 1196 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1197 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1198 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1199 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1200 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1201 1202 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1203 "andy", AccessStatus.DENIED)); 1204 runAs("andy"); 1205 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 1206 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1207 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1208 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1209 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1210 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1211 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1212 assertFalse(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1213 runAs("lemur"); 1214 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1215 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1216 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1217 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1218 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1219 1220 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 1221 .getAllPermissionReference(), "andy", AccessStatus.DENIED)); 1222 assertEquals(3, permissionService.getAllSetPermissions(rootNodeRef).size()); 1223 runAs("andy"); 1224 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1225 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1226 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1227 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1228 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1229 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.ALL_PERMISSIONS)) == AccessStatus.ALLOWED); 1230 assertFalse(permissionService.hasPermission(rootNodeRef, PermissionServiceImpl.OLD_ALL_PERMISSIONS_REFERENCE) == AccessStatus.ALLOWED); 1231 runAs("lemur"); 1232 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1233 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1234 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1235 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1236 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1237 1238 } 1239 1240 1241 public void testAuthenticatedAuthority() 1242 { 1243 1244 runAs("andy"); 1245 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1246 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1247 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1248 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1249 runAs("lemur"); 1250 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1251 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1252 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1253 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1254 1255 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1256 ROLE_AUTHENTICATED, AccessStatus.ALLOWED)); 1257 runAs("andy"); 1258 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1259 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1260 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1261 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1262 runAs("lemur"); 1263 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1264 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1265 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1266 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1267 1268 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1269 ROLE_AUTHENTICATED, AccessStatus.DENIED)); 1270 runAs("andy"); 1271 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1272 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1273 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1274 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1275 runAs("lemur"); 1276 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1277 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1278 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1279 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1280 1281 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 1282 getPermission(PermissionService.READ), ROLE_AUTHENTICATED, AccessStatus.DENIED)); 1283 runAs("andy"); 1284 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1285 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1286 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1287 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1288 runAs("lemur"); 1289 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1290 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1291 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1292 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1293 1294 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 1295 getPermission(PermissionService.READ), ROLE_AUTHENTICATED, AccessStatus.ALLOWED)); 1296 runAs("andy"); 1297 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1298 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1299 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1300 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1301 runAs("lemur"); 1302 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1303 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1304 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1305 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1306 } 1307 1308 public void testAllAuthorities() 1309 { 1310 1311 runAs("andy"); 1312 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1313 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1314 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1315 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1316 runAs("lemur"); 1317 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1318 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1319 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1320 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1321 1322 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1323 permissionService.getAllAuthorities(), AccessStatus.ALLOWED)); 1324 runAs("andy"); 1325 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1326 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1327 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1328 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1329 runAs("lemur"); 1330 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1331 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1332 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1333 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1334 1335 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1336 permissionService.getAllAuthorities(), AccessStatus.DENIED)); 1337 runAs("andy"); 1338 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1339 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1340 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1341 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1342 runAs("lemur"); 1343 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1344 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1345 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1346 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1347 1348 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 1349 getPermission(PermissionService.READ), permissionService.getAllAuthorities(), AccessStatus.DENIED)); 1350 runAs("andy"); 1351 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1352 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1353 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1354 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1355 runAs("lemur"); 1356 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1357 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1358 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1359 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1360 1361 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 1362 getPermission(PermissionService.READ), permissionService.getAllAuthorities(), AccessStatus.ALLOWED)); 1363 runAs("andy"); 1364 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1365 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1366 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1367 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1368 runAs("lemur"); 1369 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1370 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1371 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1372 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1373 } 1374 1375 public void testAllPermissionsAllAuthorities() 1376 { 1377 1378 runAs("andy"); 1379 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1380 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1381 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1382 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1383 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1384 runAs("lemur"); 1385 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1386 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1387 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1388 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1389 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1390 1391 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 1392 .getAllPermissionReference(), permissionService.getAllAuthorities(), AccessStatus.ALLOWED)); 1393 runAs("andy"); 1394 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1395 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1396 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1397 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1398 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1399 runAs("lemur"); 1400 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1401 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1402 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1403 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1404 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1405 1406 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1407 permissionService.getAllAuthorities(), AccessStatus.DENIED)); 1408 runAs("andy"); 1409 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1410 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1411 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1412 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1413 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1414 runAs("lemur"); 1415 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1416 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1417 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1418 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1419 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1420 1421 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, permissionService 1422 .getAllPermissionReference(), permissionService.getAllAuthorities(), AccessStatus.DENIED)); 1423 runAs("andy"); 1424 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1425 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1426 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1427 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1428 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1429 runAs("lemur"); 1430 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1431 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.WRITE)) == AccessStatus.ALLOWED); 1432 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1433 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1434 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1435 } 1436 1437 public void testGroupAndUserInteraction() 1438 { 1439 1440 runAs("andy"); 1441 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1442 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1443 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1444 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1445 runAs("lemur"); 1446 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1447 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1448 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1449 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1450 1451 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1452 "andy", AccessStatus.ALLOWED)); 1453 runAs("andy"); 1454 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1455 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1456 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1457 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1458 runAs("lemur"); 1459 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1460 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1461 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1462 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1463 1464 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1465 ROLE_AUTHENTICATED, AccessStatus.ALLOWED)); 1466 runAs("andy"); 1467 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1468 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1469 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1470 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1471 runAs("lemur"); 1472 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1473 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1474 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1475 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1476 1477 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1478 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED)); 1479 runAs("andy"); 1480 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1481 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1482 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1483 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1484 runAs("lemur"); 1485 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1486 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1487 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1488 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1489 1490 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1491 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1492 runAs("andy"); 1493 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1494 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1495 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1496 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1497 runAs("lemur"); 1498 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1499 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1500 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1501 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1502 1503 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1504 "andy", AccessStatus.DENIED)); 1505 runAs("andy"); 1506 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1507 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1508 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1509 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1510 runAs("lemur"); 1511 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1512 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1513 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1514 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1515 } 1516 1517 public void testInheritPermissions() 1518 { 1519 runAs("admin"); 1520 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 1521 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 1522 NodeRef n2 = nodeService.createNode(n1, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}two"), 1523 ContentModel.TYPE_FOLDER).getChildRef(); 1524 1525 runAs("andy"); 1526 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1527 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1528 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1529 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1530 runAs("lemur"); 1531 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1532 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1533 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1534 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1535 1536 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1537 "andy", AccessStatus.ALLOWED)); 1538 permissionService.setPermission(new SimplePermissionEntry(n1, getPermission(PermissionService.READ), "andy", 1539 AccessStatus.ALLOWED)); 1540 1541 runAs("andy"); 1542 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1543 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1544 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1545 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1546 runAs("lemur"); 1547 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1548 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1549 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1550 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1551 1552 permissionService.setInheritParentPermissions(n2, false); 1553 1554 runAs("andy"); 1555 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1556 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1557 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1558 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1559 runAs("lemur"); 1560 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1561 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1562 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1563 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1564 1565 permissionService.setInheritParentPermissions(n2, true); 1566 1567 runAs("andy"); 1568 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1569 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1570 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1571 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1572 runAs("lemur"); 1573 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1574 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1575 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1576 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1577 1578 } 1579 1580 public void testAncestorRequirementAndInheritance() 1581 { 1582 runAs("admin"); 1583 1584 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 1585 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 1586 NodeRef n2 = nodeService.createNode(n1, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}two"), 1587 ContentModel.TYPE_FOLDER).getChildRef(); 1588 1589 runAs("andy"); 1590 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1591 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1592 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1593 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1594 runAs("lemur"); 1595 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1596 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1597 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1598 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1599 1600 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1601 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1602 permissionService.setPermission(new SimplePermissionEntry(n1, getPermission(PermissionService.READ_CHILDREN), 1603 "andy", AccessStatus.ALLOWED)); 1604 permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_PROPERTIES), 1605 "andy", AccessStatus.ALLOWED)); 1606 1607 runAs("andy"); 1608 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1609 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1610 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1611 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1612 runAs("lemur"); 1613 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1614 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1615 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1616 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1617 1618 permissionService.setPermission(new SimplePermissionEntry(n1, getPermission(PermissionService.READ_CHILDREN), 1619 "andy", AccessStatus.DENIED)); 1620 permissionService.setInheritParentPermissions(n2, false); 1621 1622 runAs("andy"); 1623 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1624 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1625 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1626 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1627 runAs("lemur"); 1628 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1629 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1630 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1631 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1632 1633 permissionService.setInheritParentPermissions(n2, true); 1634 1635 1636 1637 runAs("andy"); 1638 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1639 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1642 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1643 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1644 runAs("lemur"); 1645 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1646 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1647 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1648 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1649 } 1650 1651 public void testEffectiveComposite() 1652 { 1653 1654 runAs("andy"); 1655 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1656 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1657 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1658 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1659 runAs("lemur"); 1660 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1661 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1662 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1663 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1664 1665 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1666 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1667 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1668 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 1669 1670 runAs("andy"); 1671 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1672 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1673 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1674 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1675 runAs("lemur"); 1676 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1677 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1678 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1679 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1680 1681 } 1682 1683 public void testContentPermissions() 1684 { 1685 runAs("admin"); 1686 1687 NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, 1688 QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef(); 1689 NodeRef n2 = nodeService.createNode(n1, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}two"), 1690 ContentModel.TYPE_CONTENT).getChildRef(); 1691 1692 runAs("andy"); 1693 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1694 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1695 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1696 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1697 runAs("lemur"); 1698 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1699 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1700 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1701 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1702 1703 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1704 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1705 permissionService.setPermission(new SimplePermissionEntry(n1, getPermission(PermissionService.READ_CHILDREN), 1706 "andy", AccessStatus.ALLOWED)); 1707 permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_CHILDREN), 1708 "andy", AccessStatus.ALLOWED)); 1709 permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_PROPERTIES), 1710 "andy", AccessStatus.ALLOWED)); 1711 1712 runAs("andy"); 1713 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1714 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1715 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1716 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1717 runAs("lemur"); 1718 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1719 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1720 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1721 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1722 1723 permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_CONTENT), 1724 "andy", AccessStatus.ALLOWED)); 1725 1726 runAs("andy"); 1727 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1728 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1729 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1730 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1731 runAs("lemur"); 1732 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1733 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1734 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1735 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1736 1737 permissionService.deletePermission(new SimplePermissionEntry(n2, 1738 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1739 permissionService.deletePermission(new SimplePermissionEntry(n2, 1740 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 1741 permissionService.deletePermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_CONTENT), 1742 "andy", AccessStatus.ALLOWED)); 1743 1744 runAs("andy"); 1745 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1746 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1747 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1748 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1749 runAs("lemur"); 1750 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1751 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1752 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1753 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1754 1755 permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ), "andy", 1756 AccessStatus.ALLOWED)); 1757 1758 runAs("andy"); 1759 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1760 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1761 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1762 assertTrue(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1763 runAs("lemur"); 1764 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1765 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1766 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1767 assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1768 1769 } 1770 1771 public void testAllPermissionSet() 1772 { 1773 runAs("andy"); 1774 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1775 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1776 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1777 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1778 runAs("lemur"); 1779 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1780 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1781 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1782 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1783 1784 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1785 getPermission(PermissionService.FULL_CONTROL), "andy", AccessStatus.ALLOWED)); 1786 1787 runAs("andy"); 1788 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1789 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1790 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1791 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1792 runAs("lemur"); 1793 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1794 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1795 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1796 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1797 1798 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1799 getPermission(PermissionService.FULL_CONTROL), "andy", AccessStatus.DENIED)); 1800 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1801 "andy", AccessStatus.ALLOWED)); 1802 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1803 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1804 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1805 getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED)); 1806 1807 runAs("andy"); 1808 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1809 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1810 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1811 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1812 runAs("lemur"); 1813 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1814 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1815 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1816 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1817 1818 permissionService.deletePermission(new SimplePermissionEntry(rootNodeRef, 1819 getPermission(PermissionService.FULL_CONTROL), "andy", AccessStatus.DENIED)); 1820 1821 runAs("andy"); 1822 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1823 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1824 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1825 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1826 runAs("lemur"); 1827 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED); 1828 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED); 1829 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1830 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED); 1831 1832 } 1833 1834 public void testChildrenRequirements() 1835 { 1836 if (!personService.createMissingPeople()) 1837 { 1838 assertEquals(1, nodeService.getChildAssocs(rootNodeRef).size()); 1839 } 1840 runAs("andy"); 1841 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1842 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1843 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1844 runAs("lemur"); 1845 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1846 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1847 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1848 1849 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1850 "andy", AccessStatus.ALLOWED)); 1851 1852 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.DELETE), 1853 "andy", AccessStatus.ALLOWED)); 1854 1855 runAs("andy"); 1856 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1857 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1858 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1859 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1860 runAs("lemur"); 1861 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1862 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1863 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1864 1865 runAs("andy"); 1866 assertTrue(permissionService.hasPermission(systemNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1867 assertTrue(permissionService.hasPermission(systemNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1868 assertTrue(permissionService.hasPermission(systemNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1869 runAs("lemur"); 1870 assertFalse(permissionService.hasPermission(systemNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1871 assertFalse(permissionService.hasPermission(systemNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1872 assertFalse(permissionService.hasPermission(systemNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1873 1874 permissionService.setPermission(new SimplePermissionEntry(systemNodeRef, 1875 getPermission(PermissionService.DELETE), "andy", AccessStatus.DENIED)); 1876 1877 runAs("andy"); 1878 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1879 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1881 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1882 assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED); 1883 runAs("lemur"); 1884 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE)) == AccessStatus.ALLOWED); 1885 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_CHILDREN)) == AccessStatus.ALLOWED); 1886 assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.DELETE_NODE)) == AccessStatus.ALLOWED); 1887 1888 } 1889 1890 public void testClearPermission() 1891 { 1892 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 1893 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1894 "andy", AccessStatus.ALLOWED)); 1895 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1896 getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED)); 1897 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 1898 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), 1899 "lemur", AccessStatus.ALLOWED)); 1900 permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, 1901 getPermission(PermissionService.READ_CHILDREN), "lemur", AccessStatus.ALLOWED)); 1902 assertEquals(4, permissionService.getAllSetPermissions(rootNodeRef).size()); 1903 1904 permissionService.clearPermission(rootNodeRef, "andy"); 1905 assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size()); 1906 permissionService.clearPermission(rootNodeRef, "lemur"); 1907 assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size()); 1908 1909 } 1910 1911 1912 1914 1915} 1916 | Popular Tags |