📄 testpermissions.java
字号:
}
/**
* Test the publish permisssions.<p>
*
* @throws Throwable if something goes wrong
*/
public void testPublishPermissions() throws Throwable {
CmsObject cms = getCmsObject();
echo("Testing publish permissions for a user");
String resource = "/folder1/page1.html";
cms.lockResource(resource);
// modify the resource permissions for the tests
// remove all "Users" group permissions
cms.chacc(
resource,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupUsers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
// allow read and write for user "test1"
cms.chacc(resource, I_CmsPrincipal.PRINCIPAL_USER, "test1", CmsPermissionSet.PERMISSION_READ
+ CmsPermissionSet.PERMISSION_WRITE, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
// allow read and write and direct publish for user "test2"
cms.chacc(resource, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
+ CmsPermissionSet.PERMISSION_WRITE
+ CmsPermissionSet.PERMISSION_DIRECT_PUBLISH, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
cms.unlockResource(resource);
cms.loginUser("test1", "test1");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (cms.hasPublishPermissions(resource)) {
fail("Publish permissions available but should not be available for user test1");
}
cms.loginUser("test2", "test2");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (!cms.hasPublishPermissions(resource)) {
fail("Publish permissions unavailable but should be available for user test2");
}
cms.loginUser("Admin", "admin");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (!cms.hasPublishPermissions(resource)) {
fail("Publish permissions unavailable but should be available for user Admin");
}
// add user "test1" to project manager group
cms.addUserToGroup("test1", OpenCms.getDefaultUsers().getGroupProjectmanagers());
cms.loginUser("test1", "test1");
// first check in "online" project
assertEquals(CmsProject.ONLINE_PROJECT_ID, cms.getRequestContext().currentProject().getId());
if (cms.hasPublishPermissions(resource)) {
fail("Publish permissions available but should not be available for user test1 in online project");
}
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (!cms.hasPublishPermissions(resource)) {
fail("Publish permissions unavailable but should be available for user test1 because he is a project manager");
}
// create a new folder
String folder = "/newfolder/";
cms.loginUser("Admin", "admin");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
// create a new folder
cms.createResource(folder, CmsResourceTypeFolder.getStaticTypeId());
// apply permissions to folder
cms.lockResource(folder);
// modify the resource permissions for the tests
// remove all "Users" group permissions
cms.chacc(
folder,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupUsers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
// also for "Project managers" to avoid conflicts with other tests in this suite
cms.chacc(
folder,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupProjectmanagers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
// allow only read and write for user "test1"
cms.chacc(folder, I_CmsPrincipal.PRINCIPAL_USER, "test1", CmsPermissionSet.PERMISSION_READ
+ CmsPermissionSet.PERMISSION_WRITE, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE
+ CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
// allow read, write and and direct publish for user "test2"
cms.chacc(folder, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
+ CmsPermissionSet.PERMISSION_WRITE
+ CmsPermissionSet.PERMISSION_DIRECT_PUBLISH, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE
+ CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
cms.unlockResource(folder);
resource = "/newfolder/newpage.html";
cms.createResource(
resource,
CmsResourceTypePlain.getStaticTypeId(),
"This is a test".getBytes(),
Collections.EMPTY_LIST);
cms.unlockResource(resource);
cms.loginUser("test1", "test1");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (cms.hasPublishPermissions(resource)) {
fail("Publish permissions available but should not be available for user test1");
}
cms.loginUser("test2", "test2");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (cms.hasPublishPermissions(resource)) {
fail("Publish permissions available but should be unavailable for user test2 because the parent folder is new");
}
if (!cms.hasPublishPermissions(folder)) {
fail("Publish permissions on new folder unavailable but should be available for user test2");
}
cms.publishResource(folder);
if (!cms.hasPublishPermissions(resource)) {
fail("Publish permissions unavailable but should be available for user test2 because the parent folder is now published");
}
}
/**
* @throws Throwable if something goes wrong
*/
public void testUserDeletion() throws Throwable {
CmsObject cms = getCmsObject();
echo("Testing permissions after deleting a user");
String resourcename = "userDelete.txt";
String username = "deleteUser";
// create a resource
cms.createResource(resourcename, CmsResourceTypePlain.getStaticTypeId());
// create a user
cms.createUser(username, "deleteMe", "", null);
// add a permission for this user
cms.chacc(resourcename, I_CmsPrincipal.PRINCIPAL_USER, username, "+r+w+v+c+d");
// now delete the user again
cms.deleteUser(username);
// get all ace of this resource
List aces = cms.getAccessControlEntries(resourcename);
Iterator i = aces.iterator();
// loop through all ace and check if the users/groups belonging to this entry still exist
while (i.hasNext()) {
CmsAccessControlEntry ace = (CmsAccessControlEntry)i.next();
CmsUUID principal = ace.getPrincipal();
// the principal is missing, so the test must fail
if (cms.lookupPrincipal(principal) == null) {
fail("Principal " + principal.toString() + " is missing");
}
}
}
/**
* Test the visible permisssions.<p>
*
* @throws Throwable if something goes wrong
*/
public void testVisiblePermission() throws Throwable {
CmsObject cms = getCmsObject();
echo("Testing visible permissions on a file");
String resource = "index.html";
CmsResource res = cms.readResource(resource);
cms.lockResource(resource);
// modify the resource permissions for the tests
// remove all "Users" group permissions
cms.chacc(
resource,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupUsers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
// also for "Project managers" to avoid conflicts with other tests in this suite
cms.chacc(
resource,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupProjectmanagers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
// allow only read for user "test1"
cms.chacc(
resource,
I_CmsPrincipal.PRINCIPAL_USER,
"test1",
CmsPermissionSet.PERMISSION_READ,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
// allow read and visible for user "test2"
cms.chacc(resource, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
+ CmsPermissionSet.PERMISSION_VIEW, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE);
cms.unlockResource(resource);
cms.loginUser("test1", "test1");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (!cms.hasPermissions(
res,
new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
true,
CmsResourceFilter.ALL)) {
fail("Visible permission checked but should have been ignored");
}
if (cms.hasPermissions(
res,
new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
true,
CmsResourceFilter.ONLY_VISIBLE)) {
fail("Visible permission not checked");
}
cms.loginUser("test2", "test2");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
if (!cms.hasPermissions(
res,
new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
true,
CmsResourceFilter.ALL)) {
fail("Visible permission checked but should be ignored");
}
if (!cms.hasPermissions(
res,
new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW, 0),
true,
CmsResourceFilter.ONLY_VISIBLE)) {
fail("Visible permission not detected");
}
}
/**
* Test the visible permisssions on a list of files in a folder.<p>
*
* @throws Throwable if something goes wrong
*/
public void testVisiblePermissionForFolder() throws Throwable {
CmsObject cms = getCmsObject();
echo("Testing visible permissions on a list of files in a folder");
String folder = "/types";
// apply permissions to folder
cms.lockResource(folder);
// modify the resource permissions for the tests
// remove all "Users" group permissions
cms.chacc(
folder,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupUsers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
// also for "Project managers" to avoid conflicts with other tests in this suite
cms.chacc(
folder,
I_CmsPrincipal.PRINCIPAL_GROUP,
OpenCms.getDefaultUsers().getGroupProjectmanagers(),
0,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
// allow only read for user "test1"
cms.chacc(
folder,
I_CmsPrincipal.PRINCIPAL_USER,
"test1",
CmsPermissionSet.PERMISSION_READ,
0,
CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
// allow read and visible for user "test2"
cms.chacc(folder, I_CmsPrincipal.PRINCIPAL_USER, "test2", CmsPermissionSet.PERMISSION_READ
+ CmsPermissionSet.PERMISSION_VIEW, 0, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE
+ CmsAccessControlEntry.ACCESS_FLAGS_INHERIT);
cms.unlockResource(folder);
List resultList;
cms.loginUser("test1", "test1");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
// read excluding invisible resources
resultList = cms.readResources(folder, CmsResourceFilter.ONLY_VISIBLE);
if (resultList.size() > 0) {
fail("Was able to read "
+ resultList.size()
+ " invisible resources in a folder with filter excluding invisible resources");
}
// read again now inclusing invisible resources
resultList = cms.readResources(folder, CmsResourceFilter.ALL);
if (resultList.size() != 6) {
fail("There should be 6 visible resource in the folder, not " + resultList.size());
}
cms.loginUser("test2", "test2");
cms.getRequestContext().setCurrentProject(cms.readProject("Offline"));
resultList = cms.readResources(folder, CmsResourceFilter.ONLY_VISIBLE);
if (resultList.size() != 6) {
fail("There should be 6 visible resource in the folder, not " + resultList.size());
}
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -