incubator-connectors-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kwri...@apache.org
Subject svn commit: r1173893 - in /incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src: java/org/apache/solr/mcf/ test-files/ test-files/solr/ test-files/solr/conf/ test/org/apache/solr/mcf/
Date Wed, 21 Sep 2011 22:23:56 GMT
Author: kwright
Date: Wed Sep 21 22:23:55 2011
New Revision: 1173893

URL: http://svn.apache.org/viewvc?rev=1173893&view=rev
Log:
Koji's patch, moved to contrib/mcf

Added:
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml
  (with props)
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml
  (with props)
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java
  (with props)
Modified:
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java

Modified: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java
URL: http://svn.apache.org/viewvc/incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java?rev=1173893&r1=1173892&r2=1173893&view=diff
==============================================================================
--- incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java
(original)
+++ incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java
Wed Sep 21 22:23:55 2011
@@ -1,5 +1,3 @@
-/* $Id$ */
-
 /**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
@@ -21,24 +19,16 @@ package org.apache.solr.mcf;
 import org.apache.lucene.index.*;
 import org.apache.lucene.search.*;
 import org.apache.lucene.queries.*;
-import org.apache.solr.search.*;
-import org.apache.solr.client.solrj.*;
 import org.apache.solr.common.SolrException;
-import org.apache.solr.common.params.*;
 import org.apache.solr.common.params.CommonParams;
+import org.apache.solr.common.params.ShardParams;
 import org.apache.solr.common.params.SolrParams;
-import org.apache.solr.common.util.*;
 import org.apache.solr.common.util.NamedList;
-import org.apache.solr.common.util.SimpleOrderedMap;
-import org.apache.solr.core.*;
-import org.apache.solr.handler.component.*;
-import org.apache.solr.request.*;
-import org.apache.solr.util.*;
-import org.apache.solr.util.plugin.*;
+import org.apache.solr.handler.component.ResponseBuilder;
+import org.apache.solr.handler.component.SearchComponent;
 import org.apache.commons.httpclient.*;
 import org.apache.commons.httpclient.methods.*;
 import org.slf4j.*;
-import org.slf4j.Logger;
 
 import java.io.*;
 import java.util.*;
@@ -51,11 +41,12 @@ import java.net.*;
 public class ManifoldCFSecurityFilter extends SearchComponent
 {
   /** The component name */
-  static final public String COMPONENT_NAME = "ManifoldCFSecurityFilter";
+  static final public String COMPONENT_NAME = "mcf";
   /** The parameter that is supposed to contain the authenticated user name, possibly including
the domain */
   static final public String AUTHENTICATED_USER_NAME = "AuthenticatedUserName";
-  /** This parameter is an array of strings, which contain the tokens to use if there is
no authenticated user name.  It's meant to work with mod_authz_annotate,
-  * running under Apache */
+  /** This parameter is an array of strings, which contain the tokens to use if there is
no authenticated user name.
+   * It's meant to work with mod_authz_annotate,
+   * running under Apache */
   static final public String USER_TOKENS = "UserTokens";
   
   /** The queries that we will not attempt to interfere with */
@@ -65,12 +56,12 @@ public class ManifoldCFSecurityFilter ex
   private static final Logger LOG = LoggerFactory.getLogger(ManifoldCFSecurityFilter.class);
 
   // Member variables
-  private boolean security = false;
-  private String authorityBaseURL = null;
-  private String fieldAllowDocument = null;
-  private String fieldDenyDocument = null;
-  private String fieldAllowShare = null;
-  private String fieldDenyShare = null;
+  String authorityBaseURL = null;
+  String fieldAllowDocument = null;
+  String fieldDenyDocument = null;
+  String fieldAllowShare = null;
+  String fieldDenyShare = null;
+  int socketTimeOut;
   
   public ManifoldCFSecurityFilter()
   {
@@ -81,11 +72,11 @@ public class ManifoldCFSecurityFilter ex
   public void init(NamedList args)
   {
     super.init(args);
-    String securityString = (String)args.get("Security");
-    security = ((securityString==null)?true:securityString.equals("on"));
     authorityBaseURL = (String)args.get("AuthorityServiceBaseURL");
     if (authorityBaseURL == null)
       authorityBaseURL = "http://localhost:8345/mcf-authority-service";
+    Integer timeOut = (Integer)args.get("SocketTimeOut");
+    socketTimeOut = timeOut == null ? 300000 : timeOut;
     String allowAttributePrefix = (String)args.get("AllowAttributePrefix");
     String denyAttributePrefix = (String)args.get("DenyAttributePrefix");
     if (allowAttributePrefix == null)
@@ -101,13 +92,12 @@ public class ManifoldCFSecurityFilter ex
   @Override
   public void prepare(ResponseBuilder rb) throws IOException
   {
-    if (!security)
-      return;
-    
     SolrParams params = rb.req.getParams();
+    if (!params.getBool(COMPONENT_NAME, true) || params.getBool(ShardParams.IS_SHARD, false))
+      return;
 
     // Log that we got here
-    LOG.info("prepare() entry params:\n" + params + "\ncontext: " + rb.req.getContext());
+    //LOG.info("prepare() entry params:\n" + params + "\ncontext: " + rb.req.getContext());
 		
     String qry = (String)params.get(CommonParams.Q);
     if (qry != null)
@@ -115,9 +105,9 @@ public class ManifoldCFSecurityFilter ex
       //Check global allowed searches
       for (String ga : globalAllowed)
       {
-	if (qry.equalsIgnoreCase(ga.trim()))
-	  // Allow this query through unchanged
-	  return;
+        if (qry.equalsIgnoreCase(ga.trim()))
+          // Allow this query through unchanged
+          return;
       }
     }
 
@@ -131,27 +121,26 @@ public class ManifoldCFSecurityFilter ex
     {
       // No authenticated user name.
       // mod_authz_annotate may be in use upstream, so look for tokens from it.
+      userAccessTokens = new ArrayList<String>();
       String[] passedTokens = params.getParams(USER_TOKENS);
       if (passedTokens == null)
       {
         // Only return 'public' documents (those with no security tokens at all)
-        LOG.info("ManifoldCFSecurityFilter: Default no-user response (open documents only)");
-        userAccessTokens = new ArrayList<String>();
+        LOG.info("Default no-user response (open documents only)");
       }
       else
       {
         // Only return 'public' documents (those with no security tokens at all)
-        LOG.info("ManifoldCFSecurityFilter: Group tokens received from caller");
-        userAccessTokens = new ArrayList<String>();
-        for (int i = 0; i < passedTokens.length; i++)
+        LOG.info("Group tokens received from caller");
+        for (String passedToken : passedTokens)
         {
-          userAccessTokens.add(passedTokens[i]);
+          userAccessTokens.add(passedToken);
         }
       }
     }
     else
     {
-      LOG.info("ManifoldCFSecurityFilter: Trying to match docs for user '"+authenticatedUserName+"'");
+      LOG.info("Trying to match docs for user '"+authenticatedUserName+"'");
       // Valid authenticated user name.  Look up access tokens for the user.
       // Check the configuration arguments for validity
       if (authorityBaseURL == null)
@@ -197,7 +186,7 @@ public class ManifoldCFSecurityFilter ex
   @Override
   public void process(ResponseBuilder rb) throws IOException
   {
-    LOG.info("ManifoldCFSecurityFilter: process() called");
+    //LOG.info("process() called");
   }
 
   /** Calculate a complete subclause, representing something like:
@@ -215,9 +204,8 @@ public class ManifoldCFSecurityFilter ex
     subUnprotectedClause.add(new FilterClause(new QueryWrapperFilter(new WildcardQuery(new
Term(allowField,"*"))),BooleanClause.Occur.MUST_NOT));
     subUnprotectedClause.add(new FilterClause(new QueryWrapperFilter(new WildcardQuery(new
Term(denyField,"*"))),BooleanClause.Occur.MUST_NOT));
     orFilter.add(new FilterClause(subUnprotectedClause,BooleanClause.Occur.SHOULD));
-    for (int i = 0; i < userAccessTokens.size(); i++)
+    for (String accessToken : userAccessTokens)
     {
-      String accessToken = userAccessTokens.get(i);
       TermsFilter tf = new TermsFilter();
       tf.addTerm(new Term(allowField,accessToken));
       orFilter.add(new FilterClause(tf,BooleanClause.Occur.SHOULD));
@@ -241,7 +229,7 @@ public class ManifoldCFSecurityFilter ex
   @Override
   public String getVersion()
   {
-    return "$Revision: 02.05.10096 $";
+    return "$Revision$";
   }
 
   @Override
@@ -253,7 +241,7 @@ public class ManifoldCFSecurityFilter ex
   @Override
   public String getSource()
   {
-    return "ManifoldCFSecurityFilter.java $";
+    return "$URL$";
   }
 	
   // Protected methods
@@ -269,55 +257,55 @@ public class ManifoldCFSecurityFilter ex
     GetMethod method = new GetMethod(theURL);
     try
     {
-      method.getParams().setParameter("http.socket.timeout", new Integer(300000));
+      method.getParams().setParameter("http.socket.timeout", socketTimeOut);
       method.setFollowRedirects(true);
       int rval = client.executeMethod(method);
       if (rval != 200)
       {
-	String response = method.getResponseBodyAsString();
-	throw new SolrException(SolrException.ErrorCode.SERVER_ERROR,"Couldn't fetch user's access
tokens from ManifoldCF authority service: "+Integer.toString(rval)+"; "+response);
+        String response = method.getResponseBodyAsString();
+        throw new SolrException(SolrException.ErrorCode.SERVER_ERROR,"Couldn't fetch user's
access tokens from ManifoldCF authority service: "+Integer.toString(rval)+"; "+response);
       }
       InputStream is = method.getResponseBodyAsStream();
       try
       {
-	Reader r = new InputStreamReader(is,"utf-8");
-	try
-	{
-	  BufferedReader br = new BufferedReader(r);
-	  try
-	  {
-	    // Read the tokens, one line at a time.  If any authorities are down, we have no current
way to note that, but someday we will.
-	    List<String> tokenList = new ArrayList<String>();
-	    while (true)
-	    {
-	      String line = br.readLine();
-	      if (line == null)
-		break;
-	      if (line.startsWith("TOKEN:"))
-	      {
-		tokenList.add(line.substring("TOKEN:".length()));
-	      }
-	      else
-	      {
-		// It probably says something about the state of the authority(s) involved, so log it
-		LOG.info("ManifoldCFSecurityFilter: For user '"+authenticatedUserName+"', saw authority
response "+line);
-	      }
-	    }
-	    return tokenList;
-	  }
-	  finally
-	  {
-	    br.close();
-	  }
-	}
-	finally
-	{
-	  r.close();
-	}
+        Reader r = new InputStreamReader(is,"utf-8");
+        try
+        {
+          BufferedReader br = new BufferedReader(r);
+          try
+          {
+            // Read the tokens, one line at a time.  If any authorities are down, we have
no current way to note that, but someday we will.
+            List<String> tokenList = new ArrayList<String>();
+            while (true)
+            {
+              String line = br.readLine();
+              if (line == null)
+                break;
+              if (line.startsWith("TOKEN:"))
+              {
+                tokenList.add(line.substring("TOKEN:".length()));
+              }
+              else
+              {
+                // It probably says something about the state of the authority(s) involved,
so log it
+                LOG.info("For user '"+authenticatedUserName+"', saw authority response "+line);
+              }
+            }
+            return tokenList;
+          }
+          finally
+          {
+            br.close();
+          }
+        }
+        finally
+        {
+          r.close();
+        }
       }
       finally
       {
-	is.close();
+        is.close();
       }
     }
     finally

Added: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml
URL: http://svn.apache.org/viewvc/incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml?rev=1173893&view=auto
==============================================================================
--- incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml
(added)
+++ incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml
Wed Sep 21 22:23:55 2011
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements.  See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<schema name="auth" version="1.4">
+ <types>
+  <fieldType name="string" class="solr.StrField"/>
+ </types>
+ <fields>
+  <field name="id" type="string" indexed="true" stored="true" required="true"/>
+  <!-- MCF Security fields -->
+  <field name="allow_token_document" type="string" indexed="true" stored="false" multiValued="true"/>
+  <field name="deny_token_document" type="string" indexed="true" stored="false" multiValued="true"/>
+  <field name="allow_token_share" type="string" indexed="true" stored="false" multiValued="true"/>
+  <field name="deny_token_share" type="string" indexed="true" stored="false" multiValued="true"/>
+ </fields>
+ <defaultSearchField>id</defaultSearchField>
+ <uniqueKey>id</uniqueKey>
+</schema>

Propchange: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/schema-auth.xml
------------------------------------------------------------------------------
    svn:keywords = Id

Added: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml
URL: http://svn.apache.org/viewvc/incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml?rev=1173893&view=auto
==============================================================================
--- incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml
(added)
+++ incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml
Wed Sep 21 22:23:55 2011
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements.  See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!-- $Id$
+     $Source$
+     $Name$
+  -->
+
+<config>
+
+  <luceneMatchVersion>${tests.luceneMatchVersion:LUCENE_CURRENT}</luceneMatchVersion>
+  <jmx />
+
+  <dataDir>${solr.data.dir:}</dataDir>
+
+  <directoryFactory name="DirectoryFactory" class="${solr.directoryFactory:solr.RAMDirectoryFactory}"/>
+
+  <updateHandler class="solr.DirectUpdateHandler2">
+  </updateHandler>
+
+  <requestHandler name="/update"     class="solr.XmlUpdateRequestHandler" />
+
+  <!-- test MCF Security Filter settings -->
+  <searchComponent name="mcf-param" class="org.apache.solr.handler.auth.ManifoldCFSecurityFilter"
>
+    <str name="AuthorityServiceBaseURL">http://localhost:8345/mcf-as</str>
+    <int name="SocketTimeOut">3000</int>
+    <str name="AllowAttributePrefix">aap-</str>
+    <str name="DenyAttributePrefix">dap-</str>
+  </searchComponent>
+
+  <searchComponent name="mcf" class="org.apache.solr.handler.auth.ManifoldCFSecurityFilter"
>
+  </searchComponent>
+
+  <requestHandler name="/mcf" class="solr.SearchHandler" startup="lazy">
+    <lst name="invariants">
+      <bool name="mcf">true</bool>
+    </lst>
+    <lst name="defaults">
+      <str name="echoParams">all</str>
+    </lst>
+    <arr name="components">
+      <str>query</str>
+      <str>mcf</str>
+    </arr>
+  </requestHandler>
+
+</config>

Propchange: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test-files/solr/conf/solrconfig-auth.xml
------------------------------------------------------------------------------
    svn:keywords = Id

Added: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java
URL: http://svn.apache.org/viewvc/incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java?rev=1173893&view=auto
==============================================================================
--- incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java
(added)
+++ incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java
Wed Sep 21 22:23:55 2011
@@ -0,0 +1,189 @@
+/**
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements. See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package org.apache.solr.mcf;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.solr.SolrTestCaseJ4;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.mortbay.jetty.Server;
+import org.mortbay.jetty.servlet.Context;
+import org.mortbay.jetty.servlet.ServletHolder;
+
+public class ManifoldCFSecurityFilterTest extends SolrTestCaseJ4 {
+  
+  static MockMCFAuthorityService service;
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    initCore("solrconfig-auth.xml","schema-auth.xml");
+    service = new MockMCFAuthorityService();
+    service.start();
+
+    //             |     share    |   document
+    //             |--------------|--------------
+    //             | allow | deny | allow | deny
+    // ------------+-------+------+-------+------
+    // da12        |       |      | 1, 2  |
+    // ------------+-------+------+-------+------
+    // da13-dd3    |       |      | 1,3   | 3
+    // ------------+-------+------+-------+------
+    // sa123-sd13  | 1,2,3 | 1, 3 |       |
+    // ------------+-------+------+-------+------
+    // sa3-sd1-da23| 3     | 1    | 2,3   |
+    // ------------+-------+------+-------+------
+    // notoken     |       |      |       |
+    // ------------+-------+------+-------+------
+    //
+    assertU(adoc("id", "da12", "allow_token_document", "token1", "allow_token_document",
"token2"));
+    assertU(adoc("id", "da13-dd3", "allow_token_document", "token1", "allow_token_document",
"token3", "deny_token_document", "token3"));
+    assertU(adoc("id", "sa123-sd13", "allow_token_share", "token1", "allow_token_share",
"token2", "allow_token_share", "token3", "deny_token_share", "token1", "deny_token_share",
"token3"));
+    assertU(adoc("id", "sa3-sd1-da23", "allow_token_document", "token2", "allow_token_document",
"token3", "allow_token_share", "token3", "deny_token_share", "token1"));
+    assertU(adoc("id", "notoken"));
+    assertU(commit());
+  }
+
+  @AfterClass
+  public static void afterClass() throws Exception {
+    service.stop();
+  }
+  
+  @Test
+  public void testParameters() throws Exception {
+    ManifoldCFSecurityFilter mcfFilter = (ManifoldCFSecurityFilter)h.getCore().getSearchComponent("mcf-param");
+    assertEquals("http://localhost:8345/mcf-as", mcfFilter.authorityBaseURL);
+    assertEquals(3000, mcfFilter.socketTimeOut);
+    assertEquals("aap-document", mcfFilter.fieldAllowDocument);
+    assertEquals("dap-document", mcfFilter.fieldDenyDocument);
+    assertEquals("aap-share", mcfFilter.fieldAllowShare);
+    assertEquals("dap-share", mcfFilter.fieldDenyShare);
+  }
+
+  @Test
+  public void testNullUsers() throws Exception {
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id"),
+        "//*[@numFound='1']",
+        "//result/doc[1]/str[@name='id'][.='notoken']");
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "AuthenticatedUserName", "anonymous"),
+        "//*[@numFound='1']",
+        "//result/doc[1]/str[@name='id'][.='notoken']");
+  }
+
+  // da12
+  // da13-dd3
+  // sa123-sd13
+  // sa3-sd1-da23
+  // notoken
+  @Test
+  public void testAuthUsers() throws Exception {
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "AuthenticatedUserName", "user1"),
+        "//*[@numFound='3']",
+        "//result/doc[1]/str[@name='id'][.='da12']",
+        "//result/doc[2]/str[@name='id'][.='da13-dd3']",
+        "//result/doc[3]/str[@name='id'][.='notoken']");
+
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "AuthenticatedUserName", "user2"),
+        "//*[@numFound='3']",
+        "//result/doc[1]/str[@name='id'][.='da12']",
+        "//result/doc[2]/str[@name='id'][.='da13-dd3']",
+        "//result/doc[3]/str[@name='id'][.='notoken']");
+
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "AuthenticatedUserName", "user3"),
+        "//*[@numFound='2']",
+        "//result/doc[1]/str[@name='id'][.='da12']",
+        "//result/doc[2]/str[@name='id'][.='notoken']");
+  }
+
+  // da12
+  // da13-dd3
+  // sa123-sd13
+  // sa3-sd1-da23
+  // notoken
+  @Test
+  public void testUserTokens() throws Exception {
+
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "UserTokens", "token1"),
+        "//*[@numFound='3']",
+        "//result/doc[1]/str[@name='id'][.='da12']",
+        "//result/doc[2]/str[@name='id'][.='da13-dd3']",
+        "//result/doc[3]/str[@name='id'][.='notoken']");
+
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "UserTokens", "token2"),
+        "//*[@numFound='3']",
+        "//result/doc[1]/str[@name='id'][.='da12']",
+        "//result/doc[2]/str[@name='id'][.='sa123-sd13']",
+        "//result/doc[3]/str[@name='id'][.='notoken']");
+
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "UserTokens", "token3"),
+        "//*[@numFound='2']",
+        "//result/doc[1]/str[@name='id'][.='sa3-sd1-da23']",
+        "//result/doc[2]/str[@name='id'][.='notoken']");
+
+    assertQ(req("qt", "/mcf", "q", "*:*", "fl", "id", "UserTokens", "token2", "UserTokens",
"token3"),
+        "//*[@numFound='3']",
+        "//result/doc[1]/str[@name='id'][.='da12']",
+        "//result/doc[2]/str[@name='id'][.='sa3-sd1-da23']",
+        "//result/doc[3]/str[@name='id'][.='notoken']");
+  }
+  
+  static class MockMCFAuthorityService {
+    
+    Server server;
+    
+    public MockMCFAuthorityService() {
+      server = new Server(8345);
+      Context asContext = new Context(server,"/mcf-authority-service",Context.SESSIONS);
+      asContext.addServlet(new ServletHolder(new UserACLServlet()), "/UserACLs");
+    }
+    
+    public void start() throws Exception {
+      server.start();
+    }
+    
+    public void stop() throws Exception {
+      server.stop();
+    }
+
+    // username | tokens rewarded
+    // ---------+-------------------------------
+    // null     | (no tokens)
+    // user1    | token1
+    // user2    | token1, token2
+    // user3    | token1, token2, token3
+    public static class UserACLServlet extends HttpServlet {
+      @Override
+      public void service(HttpServletRequest req, HttpServletResponse res)
+          throws IOException {
+        String user = req.getParameter("username");
+        res.setStatus(HttpServletResponse.SC_OK);
+        if(user.equals("user1") || user.equals("user2") || user.equals("user3"))
+          res.getWriter().printf("TOKEN:token1\n");
+        if(user.equals("user2") || user.equals("user3"))
+          res.getWriter().printf("TOKEN:token2\n");
+        if(user.equals("user3"))
+          res.getWriter().printf("TOKEN:token3\n");
+      }
+    }
+  }
+}

Propchange: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/test/org/apache/solr/mcf/ManifoldCFSecurityFilterTest.java
------------------------------------------------------------------------------
    svn:keywords = Id



Mime
View raw message