RSDEV-446: moving failing junit tests to IT tests (part 4 - final)

Author: rs-nicof

src/test/java/com/researchspace/service/RecordSharingIT.java

@@ -7,7 +7,8 @@
 import static org.junit.Assert.assertTrue;
 
 import com.researchspace.Constants;
-import com.researchspace.dao.GroupDao;
+import com.researchspace.core.util.ISearchResults;
+import com.researchspace.core.util.SearchResultsImpl;
 import com.researchspace.dao.RecordGroupSharingDao;
 import com.researchspace.model.Community;
 import com.researchspace.model.EditStatus;
@@ -16,6 +17,7 @@
 import com.researchspace.model.Role;
 import com.researchspace.model.RoleInGroup;
 import com.researchspace.model.User;
+import com.researchspace.model.core.RecordType;
 import com.researchspace.model.dtos.ShareConfigElement;
 import com.researchspace.model.permissions.ConstraintBasedPermission;
 import com.researchspace.model.permissions.DefaultPermissionFactory;
@@ -35,6 +37,9 @@
 import com.researchspace.testutils.RSpaceTestUtils;
 import com.researchspace.testutils.RealTransactionSpringTestBase;
 import com.researchspace.testutils.SpringTransactionalTest;
+import com.researchspace.webapp.controller.ActionPermissionsDTO;
+import com.researchspace.webapp.controller.WorkspacePermissionsDTOBuilder;
+import java.util.Arrays;
 import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
@@ -43,6 +48,7 @@
 import org.junit.Before;
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.ui.ExtendedModelMap;
 
 /**
  * This is for tests with object relations and multiple transactions that are too complicated to run
@@ -52,13 +58,16 @@ public class RecordSharingIT extends RealTransactionSpringTestBase {
 
   private @Autowired RecordGroupSharingDao groupShareDao;
   private @Autowired RecordSharingManager recordSharingManager;
+  private @Autowired WorkspacePermissionsDTOBuilder permBuilder;
+
   private Group group;
   private User piUser;
   private User other;
 
   @Before
   public void setUp() throws Exception {
     super.setUp();
+    permBuilder.setRecMgr(recordMgr);
     piUser = doCreateAndInitUser(getRandomAlphabeticString("pi"), Constants.PI_ROLE);
     initialiseContentWithEmptyContent(piUser);
   }
@@ -333,7 +342,7 @@ public void deletionOfDocumentSharedIntoOtherNotebook() throws Exception {
     addUsersToGroup(pi, labGroup2, user);
 
     // user creates a notebook and shares it for write with both groups
-    user = userMgr.get(user.getId());
+    user = reloadUser(user);
     logoutAndLoginAs(user);
     Long userRootId = user.getRootFolder().getId();
 
@@ -354,7 +363,7 @@ public void deletionOfDocumentSharedIntoOtherNotebook() throws Exception {
     sharedNotebook = folderMgr.getNotebook(sharedNotebook.getId());
     labGroup = grpMgr.getGroup(labGroup.getId());
     labGroup2 = grpMgr.getGroup(labGroup2.getId());
-    pi = userMgr.get(pi.getId());
+    pi = reloadUser(pi);
 
     shareRecordIntoGroupNotebook(doc, sharedNotebook, labGroup, pi);
     shareRecordIntoGroupNotebook(doc, sharedNotebook, labGroup2, pi);
@@ -498,8 +507,201 @@ public void movePermissionsInGrpFolder() throws Exception {
         recordMgr.move(others.getId(), subf.getId(), grpFolder.getId(), piUser).isSucceeded());
   }
 
+  @Test
+  public void ownerDeletesNotebookAndGroupCanNoLongerView() throws Exception {
+    User owner = createAndSaveUserIfNotExists(getRandomAlphabeticString("owner"), Constants.USER_ROLE);
+    User sharee = createAndSaveUserIfNotExists(getRandomAlphabeticString("sharee"), Constants.USER_ROLE);
+
+    openTransaction();
+    initialiseContentWithEmptyContent(owner, sharee);
+    commitTransaction();
+
+    User sysadmin = logoutAndLoginAsSysAdmin();
+    group = createGroupForUsers(sysadmin, piUser.getUsername(), "", owner, sharee, piUser);
+    assertTrue(group.getPiusers().contains(piUser));
+
+
+    // login as owner, create a notebook and share it
+    logoutAndLoginAs(owner);
+    owner = reloadUser(owner);
+    openTransaction();
+    Notebook notebook = createNotebookWithNEntries(owner.getRootFolder().getId(), "any", 2, owner);
+    StructuredDocument notebookEntry = getFirstEntryInNotebook(notebook);
+    commitTransaction();
+    shareNotebookWithGroup(owner, notebook, group, "write");
+
+    // sharee can see notebook and entry
+    logoutAndLoginAs(sharee);
+    sharee = reloadUser(sharee);
+
+    openTransaction();
+    notebook = folderMgr.getNotebook(notebook.getId());
+    notebookEntry = getFirstEntryInNotebook(notebook);
+    userCanViewNotebookAndEntry(sharee, notebook, notebookEntry);
+    commitTransaction();
+
+    // owner *deletes* the record
+    logoutAndLoginAs(owner);
+    openTransaction();
+    owner = reloadUser(owner);
+    recordDeletionMgr.deleteFolder(owner.getRootFolder().getId(), notebook.getId(), owner);
+    commitTransaction();
+
+    // sharee cannot see notebook and entry->deletion == unsharing as well
+    logoutAndLoginAs(sharee);
+    sharee = reloadUser(sharee);
+
+    openTransaction();
+    notebook = folderMgr.getNotebook(notebook.getId());
+    notebookEntry = getFirstEntryInNotebook(notebook);
+    userCannotViewNotebookOrEntry(sharee, notebook, notebookEntry);
+    commitTransaction();
+  }
+
+  @Test
+  public void shareUnshareNotebookAndNotebookEntry() throws InterruptedException {
+    User owner = createAndSaveUserIfNotExists(getRandomAlphabeticString("owner"), Constants.USER_ROLE);
+    User sharee = createAndSaveUserIfNotExists(getRandomAlphabeticString("sharee"), Constants.USER_ROLE);
+
+    openTransaction();
+    initialiseContentWithEmptyContent(owner, sharee);
+    commitTransaction();
+
+    User sysadmin = logoutAndLoginAsSysAdmin();
+    group = createGroupForUsers(sysadmin, piUser.getUsername(), "", owner, sharee, piUser);
+    assertTrue(group.getPiusers().contains(piUser));
+
+    // login as owner, create a notebook
+    logoutAndLoginAs(owner);
+    owner = reloadUser(owner);
+
+    openTransaction();
+    Notebook nb = createNotebookWithNEntries(owner.getRootFolder().getId(), "any", 2, owner);
+    StructuredDocument notebookentry = getFirstEntryInNotebook(nb);
+    assertEquals(0, folderDao.getSharedFolderForGroup(group).getChildrens().size());
+    commitTransaction();
+
+    // share an entry
+    shareRecordWithGroup(owner, group, notebookentry);
+
+    openTransaction();
+    assertTrue(folderDao.getSharedFolderForGroup(group).getChildrens().contains(notebookentry));
+    commitTransaction();
+
+    // check shared entry can be moved by pi.
+    logoutAndLoginAs(piUser);
+
+    openTransaction();
+    Folder shared = folderDao.getSharedFolderForGroup(group);
+    commitTransaction();;
+
+    List<BaseRecord> reslist = Arrays.asList(new BaseRecord[] {notebookentry});
+    ISearchResults<BaseRecord> res = new SearchResultsImpl<BaseRecord>(reslist, 0, 1L, 1);
+    piUser = reloadPiUser(); // refresh
+
+    // share the whole notebook
+    logoutAndLoginAs(owner);
+    shareNotebookWithGroup(owner, nb, group, "write");
+
+    openTransaction();
+    assertTrue(folderDao.getSharedFolderForGroup(group).getChildrens().contains(notebookentry));
+    assertEquals(2, folderDao.getSharedFolderForGroup(group).getChildrens().size());
+    commitTransaction();
+
+    // now unshare the notebook.. should unshare the entry as well
+    unshareRecordORNotebookWithGroup(owner, nb, group, "write");
+
+    openTransaction();
+    assertEquals(0, folderDao.getSharedFolderForGroup(group).getChildrens().size());
+    // neither are shared
+    assertFalse(
+        groupShareDao.isRecordAlreadySharedInGroup(group.getId(), nb.getId(), notebookentry.getId()));
+    nb = folderMgr.getNotebook(nb.getId());
+    assertEquals(2, nb.getChildren().size()); // still has 2 entries in
+    commitTransaction();
+    // original notebook
+  }
+
+  @Test
+  public void basicShareUnshareWithGroupAffectsShareesViewPermissions()
+      throws InterruptedException {
+    User owner = createAndSaveUserIfNotExists(getRandomAlphabeticString("owner"), Constants.USER_ROLE);
+    User sharee = createAndSaveUserIfNotExists(getRandomAlphabeticString("sharee"), Constants.USER_ROLE);
+
+    openTransaction();
+    initialiseContentWithEmptyContent(owner, sharee);
+    commitTransaction();
+
+    User sysadmin = logoutAndLoginAsSysAdmin();
+    group = createGroupForUsers(sysadmin, piUser.getUsername(), "", owner, sharee, piUser);
+    assertTrue(group.getPiusers().contains(piUser));
+
+    logoutAndLoginAs(owner);
+    owner = reloadUser(owner);
+
+    openTransaction();
+    Notebook notebook = createNotebookWithNEntries(owner.getRootFolder().getId(), "any", 2, owner);
+    StructuredDocument notebookentry = (StructuredDocument) notebook.getChildren().iterator().next().getRecord();
+    commitTransaction();
+
+    // sharee can't see owner's notebook or entry because it's not shared
+    // yet
+    logoutAndLoginAs(sharee);
+    sharee = reloadUser(sharee);
+    userCannotViewNotebookOrEntry(sharee, notebook, notebookentry);
+
+    // login as owner and share notebook
+    logoutAndLoginAs(owner);
+    notebook = shareNotebookWithGroup(owner, notebook, group, "write").get();
+    // should not acquire shared folder status
+    assertFalse(notebook.hasType(RecordType.SHARED_FOLDER));
+    assertTrue(notebook.hasType(RecordType.NOTEBOOK));
+
+    // sharee can see notebook and entry
+    logoutAndLoginAs(sharee);
+
+    openTransaction();
+    sharee = reloadUser(sharee);
+    notebook = folderMgr.getNotebook(notebook.getId());
+    notebookentry = (StructuredDocument) notebook.getChildren().iterator().next().getRecord();
+    userCanViewNotebookAndEntry(sharee, notebook, notebookentry);
+    commitTransaction();
+
+    // owner unshares the record
+    logoutAndLoginAs(owner);
+    unshareRecordORNotebookWithGroup(owner, notebook, group, "write");
+    logoutAndLoginAs(sharee);
+
+    openTransaction();
+    sharee = reloadUser(sharee);
+    notebook = folderMgr.getNotebook(notebook.getId());
+    notebookentry = (StructuredDocument) notebook.getChildren().iterator().next().getRecord();
+    userCannotViewNotebookOrEntry(sharee, notebook, notebookentry);
+    commitTransaction();
+  }
+
+  private User reloadUser(User userToReload) {
+    return userMgr.get(userToReload.getId());
+  }
+
   private User reloadPiUser() {
-    return userMgr.get(piUser.getId());
+    return reloadUser(piUser);
+  }
+
+  private StructuredDocument getFirstEntryInNotebook(Notebook nb) {
+    return (StructuredDocument) nb.getChildren().iterator().next().getRecord();
+  }
+
+  private void userCanViewNotebookAndEntry(
+      User subject, Notebook nb, StructuredDocument notebookentry) {
+    assertTrue(permissionUtils.isPermitted(notebookentry, PermissionType.READ, subject));
+    assertTrue(permissionUtils.isPermitted(nb, PermissionType.READ, subject));
+  }
+
+  private void userCannotViewNotebookOrEntry(
+      User sharee, Notebook nb, StructuredDocument notebookentry) {
+    assertFalse(permissionUtils.isPermitted(nb, PermissionType.READ, sharee));
+    assertFalse(permissionUtils.isPermitted(notebookentry, PermissionType.READ, sharee));
   }
 
   private ShareConfigElement[] getGrpShareCommand(Group g, String perm) {