KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > opencms > file > TestPermissions


1 /*
2  * File : $Source: /usr/local/cvs/opencms/test/org/opencms/file/TestPermissions.java,v $
3  * Date : $Date: 2006/10/27 13:39:29 $
4  * Version: $Revision: 1.23 $
5  *
6  * This library is part of OpenCms -
7  * the Open Source Content Mananagement System
8  *
9  * Copyright (c) 2005 Alkacon Software GmbH (http://www.alkacon.com)
10  *
11  * This library is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU Lesser General Public
13  * License as published by the Free Software Foundation; either
14  * version 2.1 of the License, or (at your option) any later version.
15  *
16  * This library is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19  * Lesser General Public License for more details.
20  *
21  * For further information about Alkacon Software GmbH, please see the
22  * company website: http://www.alkacon.com
23  *
24  * For further information about OpenCms, please see the
25  * project website: http://www.opencms.org
26  *
27  * You should have received a copy of the GNU Lesser General Public
28  * License along with this library; if not, write to the Free Software
29  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30  */
31
32 package org.opencms.file;
33
34 import org.opencms.file.types.CmsResourceTypeFolder;
35 import org.opencms.file.types.CmsResourceTypeImage;
36 import org.opencms.file.types.CmsResourceTypePlain;
37 import org.opencms.main.OpenCms;
38 import org.opencms.security.CmsAccessControlEntry;
39 import org.opencms.security.CmsPermissionSet;
40 import org.opencms.security.I_CmsPrincipal;
41 import org.opencms.test.OpenCmsTestCase;
42 import org.opencms.test.OpenCmsTestProperties;
43 import org.opencms.util.CmsUUID;
44
45 import java.util.Collections JavaDoc;
46 import java.util.Iterator JavaDoc;
47 import java.util.List JavaDoc;
48
49 import junit.extensions.TestSetup;
50 import junit.framework.Test;
51 import junit.framework.TestSuite;
52
53 /**
54  * Unit tests for VFS permissions.<p>
55  *
56  * @author Alexander Kandzior
57  *
58  * @version $Revision: 1.23 $
59  */
60 /**
61  * Comment for <code>TestPermissions</code>.<p>
62  */
63 public class TestPermissions extends OpenCmsTestCase {
64
65     /**
66      * Default JUnit constructor.<p>
67      *
68      * @param arg0 JUnit parameters
69      */
70     public TestPermissions(String JavaDoc arg0) {
71
72         super(arg0);
73     }
74
75     /**
76      * Test suite for this test class.<p>
77      *
78      * @return the test suite
79      */
80     public static Test suite() {
81
82         OpenCmsTestProperties.initialize(org.opencms.test.AllTests.TEST_PROPERTIES_PATH);
83
84         TestSuite suite = new TestSuite();
85
86         suite.setName(TestPermissions.class.getName());
87         suite.addTest(new TestPermissions("testLockStatusPermission"));
88         suite.addTest(new TestPermissions("testPublishPermissions"));
89         suite.addTest(new TestPermissions("testVisiblePermission"));
90         suite.addTest(new TestPermissions("testVisiblePermissionForFolder"));
91         suite.addTest(new TestPermissions("testFilterForFolder"));
92         suite.addTest(new TestPermissions("testDefaultPermissions"));
93         suite.addTest(new TestPermissions("testPermissionOverwrite"));
94         suite.addTest(new TestPermissions("testPermissionInheritance"));
95         suite.addTest(new TestPermissions("testUserDeletion"));
96
97         TestSetup wrapper = new TestSetup(suite) {
98
99             protected void setUp() {
100
101                 setupOpenCms("simpletest", "/sites/default/");
102             }
103
104             protected void tearDown() {
105
106                 removeOpenCms();
107             }
108         };
109
110         return wrapper;
111     }
112
113     /**
114      * @throws Throwable if something goes wrong
115      */
116     public void testDefaultPermissions() throws Throwable JavaDoc {
117
118         CmsObject cms = getCmsObject();
119         echo("Testing default permissions");
120
121         String JavaDoc resourcename = "testDefaultPermissions.txt";
122         cms.createResource(resourcename, CmsResourceTypePlain.getStaticTypeId());
123
124         cms.createUser("testAdmin", "secret", "", null);
125         cms.addUserToGroup("testAdmin", OpenCms.getDefaultUsers().getGroupAdministrators());
126         cms.createUser("testProjectmanager", "secret", "", null);
127         cms.addUserToGroup("testProjectmanager", OpenCms.getDefaultUsers().getGroupProjectmanagers());
128         cms.createUser("testUser", "secret", "", null);
129         cms.addUserToGroup("testUser", OpenCms.getDefaultUsers().getGroupUsers());
130         cms.createUser("testGuest", "secret", "", null);
131         cms.addUserToGroup("testGuest", OpenCms.getDefaultUsers().getGroupGuests());
132
133         assertEquals("+r+w+v+c+d", cms.getPermissions(resourcename, "testAdmin").getPermissionString());
134         assertEquals("+r+w+v+c+d", cms.getPermissions(resourcename, "testProjectmanager").getPermissionString());
135         assertEquals("+r+w+v+c", cms.getPermissions(resourcename, "testUser").getPermissionString());
136         assertEquals("+r+v", cms.getPermissions(resourcename, "testGuest").getPermissionString());
137     }
138
139     /**
140      * Test the resource filter files in a folder.<p>
141      *
142      * @throws Throwable if something goes wrong
143      */
144     public void testFilterForFolder() throws Throwable JavaDoc {
145
146         CmsObject cms = getCmsObject();
147         echo("Testing resource filer for the files in a folder");
148
149         String JavaDoc folder = "/types";
150         // read only "image" resources
151 List JavaDoc resultList;
152         // resources in folder only method
153 resultList = cms.getResourcesInFolder(
154             folder,
155             CmsResourceFilter.requireType(CmsResourceTypeImage.getStaticTypeId()));
156         if (resultList.size() != 1) {
157             fail("There is only 1 image resource in the folder, not " + resultList.size());
158         }
159         // files in folder only method
160 resultList = cms.getFilesInFolder(folder, CmsResourceFilter.requireType(CmsResourceTypeImage.getStaticTypeId()));
161         if (resultList.size() != 1) {
162             fail("There is only 1 image resource in the folder, not " + resultList.size());
163         }
164         // subtree method
165 resultList = cms.readResources(folder, CmsResourceFilter.requireType(CmsResourceTypeImage.getStaticTypeId()));
166         if (resultList.size() != 1) {
167             fail("There is only 1 image resource in the folder, not " + resultList.size());
168         }
169     }
170
171     /**
172      * Test the lock status permisssions.<p>
173      *
174      * @throws Throwable if something goes wrong
175      */
176     public void testLockStatusPermission() throws Throwable JavaDoc {
177
178         CmsObject cms = getCmsObject();
179         echo("Testing lock status permissions on a file");
180
181         String JavaDoc resource = "/folder1/page1.html";
182         CmsResource res = cms.readResource(resource);
183
184         // first lock resource as user "test1"
185 cms.loginUser("test1", "test1");
186         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
187         cms.lockResource(resource);
188         assertTrue(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, true, CmsResourceFilter.ALL));
189
190         // now check resource as user "test2"
191 cms.loginUser("test2", "test2");
192         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
193         assertTrue(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, false, CmsResourceFilter.ALL));
194         assertFalse(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, true, CmsResourceFilter.ALL));
195
196         // switch the lock to user "test2"
197 cms.changeLock(resource);
198         assertTrue(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, true, CmsResourceFilter.ALL));
199
200         // back to user "test1"
201 cms.loginUser("test1", "test1");
202         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
203         assertTrue(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, false, CmsResourceFilter.ALL));
204         assertFalse(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, true, CmsResourceFilter.ALL));
205
206         // switch the lock to user "test1"
207 cms.changeLock(resource);
208         assertTrue(cms.hasPermissions(res, CmsPermissionSet.ACCESS_WRITE, true, CmsResourceFilter.ALL));
209         cms.unlockResource(resource);
210     }
211
212     /**
213      * Tests the inheritance of permissions.<p>
214      *
215      * @throws Throwable if something goes wrong
216      */
217     public void testPermissionInheritance() throws Throwable JavaDoc {
218
219         CmsObject cms = getCmsObject();
220         echo("Testing inheritance of permissions");
221
222         String JavaDoc foldername = "testPermissionInheritance";
223         String JavaDoc subfoldername = foldername + "/" + "subfolder";
224         String JavaDoc resourcename = foldername + "/test.txt";
225         String JavaDoc subresourcename = subfoldername + "/subtest.txt";
226
227         cms.createResource(foldername, CmsResourceTypeFolder.getStaticTypeId());
228         cms.createResource(subfoldername, CmsResourceTypeFolder.getStaticTypeId());
229         cms.createResource(resourcename, CmsResourceTypePlain.getStaticTypeId());
230         cms.createResource(subresourcename, CmsResourceTypePlain.getStaticTypeId());
231
232         assertEquals("+r+w+v+c", cms.getPermissions(resourcename, "testUser").getPermissionString());
233         assertEquals("+r+w+v+c", cms.getPermissions(subfoldername, "testUser").getPermissionString());
234         assertEquals("+r+w+v+c", cms.getPermissions(subresourcename, "testUser").getPermissionString());
235
236         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "Users", "+o");
237
238         assertEquals("", cms.getPermissions(resourcename, "testUser").getPermissionString());
239         assertEquals("+r+w+v+c", cms.getPermissions(subfoldername, "testUser").getPermissionString());
240         assertEquals("+r+w+v+c", cms.getPermissions(subresourcename, "testUser").getPermissionString());
241
242         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "Users", "+o+i");
243         assertEquals("", cms.getPermissions(resourcename, "testUser").getPermissionString());
244         assertEquals("", cms.getPermissions(subfoldername, "testUser").getPermissionString());
245         assertEquals("", cms.getPermissions(subresourcename, "testUser").getPermissionString());
246
247         cms.createGroup("GroupA", "", 0, "");
248         cms.createGroup("GroupB", "", 0, "");
249         cms.createGroup("GroupC", "", 0, "");
250         cms.createGroup("GroupD", "", 0, "");
251
252         cms.addUserToGroup("testUser", "GroupA");
253         cms.addUserToGroup("testUser", "GroupB");
254         cms.addUserToGroup("testUser", "GroupC");
255         cms.addUserToGroup("testUser", "GroupD");
256
257         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupA", "+r");
258         assertEquals("+r", cms.getPermissions(resourcename, "testUser").getPermissionString());
259         assertEquals("", cms.getPermissions(subfoldername, "testUser").getPermissionString());
260         assertEquals("", cms.getPermissions(subresourcename, "testUser").getPermissionString());
261
262         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupA", "+r+i");
263         assertEquals("+r", cms.getPermissions(resourcename, "testUser").getPermissionString());
264         assertEquals("+r", cms.getPermissions(subfoldername, "testUser").getPermissionString());
265         assertEquals("+r", cms.getPermissions(subresourcename, "testUser").getPermissionString());
266
267         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupB", "+w");
268         assertEquals("+r+w", cms.getPermissions(resourcename, "testUser").getPermissionString());
269         assertEquals("+r", cms.getPermissions(subfoldername, "testUser").getPermissionString());
270         assertEquals("+r", cms.getPermissions(subresourcename, "testUser").getPermissionString());
271
272         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupB", "+w+i");
273         assertEquals("+r+w", cms.getPermissions(resourcename, "testUser").getPermissionString());
274         assertEquals("+r+w", cms.getPermissions(subfoldername, "testUser").getPermissionString());
275         assertEquals("+r+w", cms.getPermissions(subresourcename, "testUser").getPermissionString());
276
277         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupC", "-r");
278         assertEquals("-r+w", cms.getPermissions(resourcename, "testUser").getPermissionString());
279         assertEquals("+r+w", cms.getPermissions(subfoldername, "testUser").getPermissionString());
280         assertEquals("+r+w", cms.getPermissions(subresourcename, "testUser").getPermissionString());
281
282         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupC", "-r+i");
283         assertEquals("-r+w", cms.getPermissions(resourcename, "testUser").getPermissionString());
284         assertEquals("-r+w", cms.getPermissions(subfoldername, "testUser").getPermissionString());
285         assertEquals("-r+w", cms.getPermissions(subresourcename, "testUser").getPermissionString());
286
287         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupD", "-w");
288         assertEquals("-r-w", cms.getPermissions(resourcename, "testUser").getPermissionString());
289         assertEquals("-r+w", cms.getPermissions(subfoldername, "testUser").getPermissionString());
290         assertEquals("-r+w", cms.getPermissions(subresourcename, "testUser").getPermissionString());
291
292         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "GroupD", "-w+i");
293         assertEquals("-r-w", cms.getPermissions(resourcename, "testUser").getPermissionString());
294         assertEquals("-r-w", cms.getPermissions(subfoldername, "testUser").getPermissionString());
295         assertEquals("-r-w", cms.getPermissions(subresourcename, "testUser").getPermissionString());
296     }
297
298     /**
299      * Tests the overwriting of permissions.<p>
300      *
301      * @throws Throwable if something goes wrong
302      */
303     public void testPermissionOverwrite() throws Throwable JavaDoc {
304
305         CmsObject cms = getCmsObject();
306         echo("Testing permission overwrite");
307
308         String JavaDoc foldername = "testPermissionOverwrite";
309         cms.createResource(foldername, CmsResourceTypeFolder.getStaticTypeId());
310
311         assertEquals("+r+w+v+c", cms.getPermissions(foldername, "testUser").getPermissionString());
312
313         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "Users", "+o");
314         assertEquals("", cms.getPermissions(foldername, "testUser").getPermissionString());
315
316         cms.chacc(foldername, I_CmsPrincipal.PRINCIPAL_GROUP, "Users", "-r");
317         assertEquals("-r+w+v+c", cms.getPermissions(foldername, "testUser").getPermissionString());
318     }
319
320     /**
321      * Test the publish permisssions.<p>
322      *
323      * @throws Throwable if something goes wrong
324      */
325     public void testPublishPermissions() throws Throwable JavaDoc {
326
327         CmsObject cms = getCmsObject();
328         echo("Testing publish permissions for a user");
329
330         String JavaDoc resource = "/folder1/page1.html";
331
332         cms.lockResource(resource);
333         // modify the resource permissions for the tests
334 // remove all "Users" group permissions
335 cms.chacc(
336             resource,
337             I_CmsPrincipal.PRINCIPAL_GROUP,
338             OpenCms.getDefaultUsers().getGroupUsers(),
339             0,
340             0,
341             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
342         // allow read and write for user "test1"
343 cms.chacc(resource, I_CmsPrincipal.PRINCIPAL_USER, "test1", CmsPermissionSet.PERMISSION_READ
344             + CmsPermissionSet.PERMISSION_WRITE, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
345         // allow read and write and direct publish for user "test2"
346 cms.chacc(resource, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
347             + CmsPermissionSet.PERMISSION_WRITE
348             + CmsPermissionSet.PERMISSION_DIRECT_PUBLISH, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
349         cms.unlockResource(resource);
350
351         cms.loginUser("test1", "test1");
352         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
353         if (cms.hasPublishPermissions(resource)) {
354             fail("Publish permissions available but should not be available for user test1");
355         }
356
357         cms.loginUser("test2", "test2");
358         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
359         if (!cms.hasPublishPermissions(resource)) {
360             fail("Publish permissions unavailable but should be available for user test2");
361         }
362
363         cms.loginUser("Admin", "admin");
364         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
365         if (!cms.hasPublishPermissions(resource)) {
366             fail("Publish permissions unavailable but should be available for user Admin");
367         }
368
369         // add user "test1" to project manager group
370 cms.addUserToGroup("test1", OpenCms.getDefaultUsers().getGroupProjectmanagers());
371
372         cms.loginUser("test1", "test1");
373         // first check in "online" project
374 assertEquals(CmsProject.ONLINE_PROJECT_ID, cms.getRequestContext().currentProject().getId());
375         if (cms.hasPublishPermissions(resource)) {
376             fail("Publish permissions available but should not be available for user test1 in online project");
377         }
378         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
379         if (!cms.hasPublishPermissions(resource)) {
380             fail("Publish permissions unavailable but should be available for user test1 because he is a project manager");
381         }
382
383         // create a new folder
384 String JavaDoc folder = "/newfolder/";
385         cms.loginUser("Admin", "admin");
386         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
387
388         // create a new folder
389 cms.createResource(folder, CmsResourceTypeFolder.getStaticTypeId());
390
391         // apply permissions to folder
392 cms.lockResource(folder);
393         // modify the resource permissions for the tests
394 // remove all "Users" group permissions
395 cms.chacc(
396             folder,
397             I_CmsPrincipal.PRINCIPAL_GROUP,
398             OpenCms.getDefaultUsers().getGroupUsers(),
399             0,
400             0,
401             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
402         // also for "Project managers" to avoid conflicts with other tests in this suite
403 cms.chacc(
404             folder,
405             I_CmsPrincipal.PRINCIPAL_GROUP,
406             OpenCms.getDefaultUsers().getGroupProjectmanagers(),
407             0,
408             0,
409             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
410         // allow only read and write for user "test1"
411 cms.chacc(folder, I_CmsPrincipal.PRINCIPAL_USER, "test1", CmsPermissionSet.PERMISSION_READ
412             + CmsPermissionSet.PERMISSION_WRITE, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE
413             + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
414         // allow read, write and and direct publish for user "test2"
415 cms.chacc(folder, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
416             + CmsPermissionSet.PERMISSION_WRITE
417             + CmsPermissionSet.PERMISSION_DIRECT_PUBLISH, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE
418             + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
419         cms.unlockResource(folder);
420
421         resource = "/newfolder/newpage.html";
422         cms.createResource(
423             resource,
424             CmsResourceTypePlain.getStaticTypeId(),
425             "This is a test".getBytes(),
426             Collections.EMPTY_LIST);
427         cms.unlockResource(resource);
428
429         cms.loginUser("test1", "test1");
430         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
431         if (cms.hasPublishPermissions(resource)) {
432             fail("Publish permissions available but should not be available for user test1");
433         }
434
435         cms.loginUser("test2", "test2");
436         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
437         if (cms.hasPublishPermissions(resource)) {
438             fail("Publish permissions available but should be unavailable for user test2 because the parent folder is new");
439         }
440         if (!cms.hasPublishPermissions(folder)) {
441             fail("Publish permissions on new folder unavailable but should be available for user test2");
442         }
443         cms.publishResource(folder);
444         if (!cms.hasPublishPermissions(resource)) {
445             fail("Publish permissions unavailable but should be available for user test2 because the parent folder is now published");
446         }
447     }
448
449     /**
450      * @throws Throwable if something goes wrong
451      */
452     public void testUserDeletion() throws Throwable JavaDoc {
453
454         CmsObject cms = getCmsObject();
455         echo("Testing permissions after deleting a user");
456
457         String JavaDoc resourcename = "userDelete.txt";
458         String JavaDoc username = "deleteUser";
459         // create a resource
460 cms.createResource(resourcename, CmsResourceTypePlain.getStaticTypeId());
461         // create a user
462 cms.createUser(username, "deleteMe", "", null);
463         // add a permission for this user
464 cms.chacc(resourcename, I_CmsPrincipal.PRINCIPAL_USER, username, "+r+w+v+c+d");
465         // now delete the user again
466 cms.deleteUser(username);
467
468         // get all ace of this resource
469 List JavaDoc aces = cms.getAccessControlEntries(resourcename);
470
471         Iterator JavaDoc i = aces.iterator();
472         // loop through all ace and check if the users/groups belonging to this entry still exist
473 while (i.hasNext()) {
474             CmsAccessControlEntry ace = (CmsAccessControlEntry)i.next();
475
476             CmsUUID principal = ace.getPrincipal();
477             // the principal is missing, so the test must fail
478 if (cms.lookupPrincipal(principal) == null) {
479                 fail("Principal " + principal.toString() + " is missing");
480             }
481         }
482     }
483
484     /**
485      * Test the visible permisssions.<p>
486      *
487      * @throws Throwable if something goes wrong
488      */
489     public void testVisiblePermission() throws Throwable JavaDoc {
490
491         CmsObject cms = getCmsObject();
492         echo("Testing visible permissions on a file");
493
494         String JavaDoc resource = "index.html";
495         CmsResource res = cms.readResource(resource);
496
497         cms.lockResource(resource);
498         // modify the resource permissions for the tests
499 // remove all "Users" group permissions
500 cms.chacc(
501             resource,
502             I_CmsPrincipal.PRINCIPAL_GROUP,
503             OpenCms.getDefaultUsers().getGroupUsers(),
504             0,
505             0,
506             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
507         // also for "Project managers" to avoid conflicts with other tests in this suite
508 cms.chacc(
509             resource,
510             I_CmsPrincipal.PRINCIPAL_GROUP,
511             OpenCms.getDefaultUsers().getGroupProjectmanagers(),
512             0,
513             0,
514             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
515         // allow only read for user "test1"
516 cms.chacc(
517             resource,
518             I_CmsPrincipal.PRINCIPAL_USER,
519             "test1",
520             CmsPermissionSet.PERMISSION_READ,
521             0,
522             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
523         // allow read and visible for user "test2"
524 cms.chacc(resource, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
525             + CmsPermissionSet.PERMISSION_VIEW, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
526         cms.unlockResource(resource);
527
528         cms.loginUser("test1", "test1");
529         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
530         if (!cms.hasPermissions(
531             res,
532             new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
533             true,
534             CmsResourceFilter.ALL)) {
535             fail("Visible permission checked but should have been ignored");
536         }
537         if (cms.hasPermissions(
538             res,
539             new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
540             true,
541             CmsResourceFilter.ONLY_VISIBLE)) {
542             fail("Visible permission not checked");
543         }
544
545         cms.loginUser("test2", "test2");
546         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
547         if (!cms.hasPermissions(
548             res,
549             new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
550             true,
551             CmsResourceFilter.ALL)) {
552             fail("Visible permission checked but should be ignored");
553         }
554         if (!cms.hasPermissions(
555             res,
556             new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
557             true,
558             CmsResourceFilter.ONLY_VISIBLE)) {
559             fail("Visible permission not detected");
560         }
561     }
562
563     /**
564      * Test the visible permisssions on a list of files in a folder.<p>
565      *
566      * @throws Throwable if something goes wrong
567      */
568     public void testVisiblePermissionForFolder() throws Throwable JavaDoc {
569
570         CmsObject cms = getCmsObject();
571         echo("Testing visible permissions on a list of files in a folder");
572
573         String JavaDoc folder = "/types";
574
575         // apply permissions to folder
576 cms.lockResource(folder);
577         // modify the resource permissions for the tests
578 // remove all "Users" group permissions
579 cms.chacc(
580             folder,
581             I_CmsPrincipal.PRINCIPAL_GROUP,
582             OpenCms.getDefaultUsers().getGroupUsers(),
583             0,
584             0,
585             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
586         // also for "Project managers" to avoid conflicts with other tests in this suite
587 cms.chacc(
588             folder,
589             I_CmsPrincipal.PRINCIPAL_GROUP,
590             OpenCms.getDefaultUsers().getGroupProjectmanagers(),
591             0,
592             0,
593             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
594         // allow only read for user "test1"
595 cms.chacc(
596             folder,
597             I_CmsPrincipal.PRINCIPAL_USER,
598             "test1",
599             CmsPermissionSet.PERMISSION_READ,
600             0,
601             CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
602         // allow read and visible for user "test2"
603 cms.chacc(folder, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
604             + CmsPermissionSet.PERMISSION_VIEW, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE
605             + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
606         cms.unlockResource(folder);
607
608         List JavaDoc resultList;
609
610         cms.loginUser("test1", "test1");
611         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
612         // read excluding invisible resources
613 resultList = cms.readResources(folder, CmsResourceFilter.ONLY_VISIBLE);
614         if (resultList.size() > 0) {
615             fail("Was able to read "
616                 + resultList.size()
617                 + " invisible resources in a folder with filter excluding invisible resources");
618         }
619         // read again now inclusing invisible resources
620 resultList = cms.readResources(folder, CmsResourceFilter.ALL);
621         if (resultList.size() != 6) {
622             fail("There should be 6 visible resource in the folder, not " + resultList.size());
623         }
624
625         cms.loginUser("test2", "test2");
626         cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
627         resultList = cms.readResources(folder, CmsResourceFilter.ONLY_VISIBLE);
628         if (resultList.size() != 6) {
629             fail("There should be 6 visible resource in the folder, not " + resultList.size());
630         }
631     }
632 }
633
Popular Tags