Return-Path: X-Original-To: apmail-sling-commits-archive@www.apache.org Delivered-To: apmail-sling-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D923510ED9 for ; Wed, 2 Oct 2013 13:31:51 +0000 (UTC) Received: (qmail 78789 invoked by uid 500); 2 Oct 2013 13:31:51 -0000 Delivered-To: apmail-sling-commits-archive@sling.apache.org Received: (qmail 78753 invoked by uid 500); 2 Oct 2013 13:31:50 -0000 Mailing-List: contact commits-help@sling.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@sling.apache.org Delivered-To: mailing list commits@sling.apache.org Received: (qmail 78746 invoked by uid 99); 2 Oct 2013 13:31:49 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Oct 2013 13:31:49 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Oct 2013 13:31:47 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 8DB602388831; Wed, 2 Oct 2013 13:31:27 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1528467 - in /sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post: PostServletPrivilegesUpdateTest.java PostServletUpdateTest.java Date: Wed, 02 Oct 2013 13:31:27 -0000 To: commits@sling.apache.org From: bdelacretaz@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20131002133127.8DB602388831@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: bdelacretaz Date: Wed Oct 2 13:31:27 2013 New Revision: 1528467 URL: http://svn.apache.org/r1528467 Log: SLING-2788 - split out the privileges-related tests, which fail on Oak for now Added: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletPrivilegesUpdateTest.java Modified: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletUpdateTest.java Added: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletPrivilegesUpdateTest.java URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletPrivilegesUpdateTest.java?rev=1528467&view=auto ============================================================================== --- sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletPrivilegesUpdateTest.java (added) +++ sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletPrivilegesUpdateTest.java Wed Oct 2 13:31:27 2013 @@ -0,0 +1,236 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.launchpad.webapp.integrationtest.servlets.post; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.jcr.Repository; +import javax.jcr.RepositoryException; +import javax.jcr.Session; +import javax.jcr.SimpleCredentials; +import javax.jcr.observation.Event; +import javax.jcr.observation.EventIterator; +import javax.jcr.observation.EventListener; +import javax.jcr.observation.ObservationManager; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.httpclient.Credentials; +import org.apache.commons.httpclient.NameValuePair; +import org.apache.commons.httpclient.UsernamePasswordCredentials; +import org.apache.jackrabbit.commons.JcrUtils; +import org.apache.sling.commons.json.JSONArray; +import org.apache.sling.commons.json.JSONException; +import org.apache.sling.commons.json.JSONObject; +import org.apache.sling.commons.testing.integration.NameValuePairList; +import org.apache.sling.launchpad.webapp.integrationtest.AbstractAuthenticatedTest; +import org.apache.sling.servlets.post.SlingPostConstants; + +public class PostServletPrivilegesUpdateTest extends AbstractAuthenticatedTest { + public static final String TEST_BASE_PATH = "/sling-tests"; + private String postUrl; + private String testUserId = null; + + @Override + protected void setUp() throws Exception { + super.setUp(); + postUrl = HTTP_BASE_URL + TEST_BASE_PATH + "/" + System.currentTimeMillis(); + } + + /* (non-Javadoc) + * @see org.apache.sling.commons.testing.integration.HttpTestBase#tearDown() + */ + @Override + protected void tearDown() throws Exception { + if (testUserId != null) { + //remove the test user if it exists. + String postUrl = HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".delete.html"; + List postParams = new ArrayList(); + assertAuthenticatedAdminPostStatus(postUrl, HttpServletResponse.SC_OK, postParams, null); + } + super.tearDown(); + } + + /** + * Test for SLING-897 fix: + * 1. Updating a property requires jcr:modifyProperties privilege on node. + * 2. When changing an existing property observers should receive a PROPERTY_CHANGED event instead + * of a PROPERTY_REMOVED event and a PROPERTY_ADDED event + */ + public void testUpdatePropertyPrivilegesAndEvents() throws IOException, JSONException, RepositoryException, InterruptedException { + //1. Create user as admin (OK) + // curl -F:name=myuser -Fpwd=password -FpwdConfirm=password http://admin:admin@localhost:8080/system/userManager/user.create.html + testUserId = createTestUser(); + + //2. Create node as admin (OK) + // curl -F:nameHint=node -FpropOne=propOneValue1 -FpropOne=propOneValue2 -FpropTwo=propTwoValue http://admin:admin@localhost:8080/test/ + final String createTestNodeUrl = postUrl + SlingPostConstants.DEFAULT_CREATE_SUFFIX; + NameValuePairList clientNodeProperties = new NameValuePairList(); + clientNodeProperties.add(SlingPostConstants.RP_NODE_NAME_HINT, getName()); + clientNodeProperties.add("propOne", "propOneValue1"); + clientNodeProperties.add("propOne", "propOneValue2"); + clientNodeProperties.add("propTwo", "propTwoValue"); + String testNodeUrl = testClient.createNode(createTestNodeUrl, clientNodeProperties, null, false); + + String content = getContent(testNodeUrl + ".json", CONTENT_TYPE_JSON); + JSONObject json = new JSONObject(content); + Object propOneObj = json.opt("propOne"); + assertTrue(propOneObj instanceof JSONArray); + assertEquals(2, ((JSONArray)propOneObj).length()); + assertEquals("propOneValue1", ((JSONArray)propOneObj).get(0)); + assertEquals("propOneValue2", ((JSONArray)propOneObj).get(1)); + + Object propTwoObj = json.opt("propTwo"); + assertTrue(propTwoObj instanceof String); + assertEquals("propTwoValue", propTwoObj); + + + //3. Attempt to update property of node as testUser (500: javax.jcr.AccessDeniedException: /test/node/propOne: not allowed to add or modify item) + // curl -FpropOne=propOneValueChanged -FpropTwo=propTwoValueChanged1 -FpropTwo=propTwoValueChanged2 http://myuser:password@localhost:8080/test/node + List postParams = new ArrayList(); + postParams.add(new NameValuePair("propOne", "propOneValueChanged")); + postParams.add(new NameValuePair("propTwo", "propTwoValueChanged1")); + postParams.add(new NameValuePair("propTwo", "propTwoValueChanged2")); + Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); + String expectedMessage = "Expected javax.jcr.AccessDeniedException"; + assertAuthenticatedPostStatus(testUserCreds, testNodeUrl, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, expectedMessage); + + //4. Grant jcr:modifyProperties rights to testUser as admin (OK) + // curl -FprincipalId=myuser -Fprivilege@jcr:modifyProperties=granted http://admin:admin@localhost:8080/test/node.modifyAce.html + Map nodeAceProperties = new HashMap(); + nodeAceProperties.put("principalId", testUserId); + nodeAceProperties.put("privilege@jcr:modifyProperties", "granted"); + testClient.createNode(testNodeUrl + ".modifyAce.html", nodeAceProperties); + + //use a davex session to verify the correct JCR events are delivered + Repository repository = JcrUtils.getRepository(HTTP_BASE_URL + "/server/"); + Session jcrSession = null; + TestEventListener listener = new TestEventListener(); + ObservationManager observationManager = null; + try { + jcrSession = repository.login(new SimpleCredentials("admin", "admin".toCharArray())); + observationManager = jcrSession.getWorkspace().getObservationManager(); + String testNodePath = testNodeUrl.substring(HTTP_BASE_URL.length()); + observationManager.addEventListener(listener, + Event.PROPERTY_ADDED | Event.PROPERTY_CHANGED | Event.PROPERTY_REMOVED, //event types + testNodePath, //absPath + true, //isDeep + null, //uuid + null, //nodeTypeName + false); //noLocal + + //5. Attempt to update properties of node (OK) + // curl -FpropOne=propOneValueChanged -FpropTwo=propTwoValueChanged1 -FpropTwo=propTwoValueChanged2 http://myuser:password@localhost:8080/test/node + assertAuthenticatedPostStatus(testUserCreds, testNodeUrl, HttpServletResponse.SC_OK, postParams, expectedMessage); + + //verify the change happened + String afterUpdateContent = getContent(testNodeUrl + ".json", CONTENT_TYPE_JSON); + JSONObject afterUpdateJson = new JSONObject(afterUpdateContent); + Object afterUpdatePropOneObj = afterUpdateJson.opt("propOne"); + assertTrue(afterUpdatePropOneObj instanceof JSONArray); + assertEquals(1, ((JSONArray)afterUpdatePropOneObj).length()); + assertEquals("propOneValueChanged", ((JSONArray)afterUpdatePropOneObj).get(0)); + + Object afterUpdatePropTwoObj = afterUpdateJson.opt("propTwo"); + assertTrue(afterUpdatePropTwoObj instanceof JSONArray); + assertEquals(2, ((JSONArray)afterUpdatePropTwoObj).length()); + assertEquals("propTwoValueChanged1", ((JSONArray)afterUpdatePropTwoObj).get(0)); + assertEquals("propTwoValueChanged2", ((JSONArray)afterUpdatePropTwoObj).get(1)); + + //wait for the expected JCR events to be delivered + for (int second = 0; second < 15; second++) { + if (listener.getEventBundlesProcessed() > 0) { + break; + } + Thread.sleep(1000); + } + + assertEquals("One property added event was expected: " + listener.toString(), + 1, listener.addedProperties.size()); + assertEquals(testNodePath + "/propTwo", listener.addedProperties.get(0)); + assertEquals("One property removed event was expected: " + listener.toString(), + 1, listener.removedProperties.size()); + assertEquals(testNodePath + "/propTwo", listener.removedProperties.get(0)); + assertEquals("One property changed event was expected: " + listener.toString(), + 1, listener.changedProperties.size()); + assertEquals(testNodePath + "/propOne", listener.changedProperties.get(0)); + } finally { + //cleanup + if (observationManager != null) { + observationManager.removeEventListener(listener); + } + jcrSession.logout(); + repository = null; + } + } + + protected class TestEventListener implements EventListener { + protected List changedProperties = new ArrayList(); + protected List addedProperties = new ArrayList(); + protected List removedProperties = new ArrayList(); + + protected int eventBundlesProcessed = 0; + + public void onEvent(EventIterator eventIterator) { + try { + while (eventIterator.hasNext()) { + Event event = eventIterator.nextEvent(); + int type = event.getType(); + switch (type) { + case Event.PROPERTY_CHANGED: + changedProperties.add(event.getPath()); + break; + case Event.PROPERTY_ADDED: + addedProperties.add(event.getPath()); + break; + case Event.PROPERTY_REMOVED: + removedProperties.add(event.getPath()); + break; + } + } + eventBundlesProcessed++; + } catch (RepositoryException e) { + fail(e.getMessage()); + } + } + + public int getEventBundlesProcessed() { + return eventBundlesProcessed; + } + + public void clear() { + changedProperties.clear(); + addedProperties.clear(); + removedProperties.clear(); + eventBundlesProcessed = 0; + } + + /* (non-Javadoc) + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + return "TestEventListener [addedProperties=" + Arrays.toString(addedProperties.toArray()) + + ", changedProperties=" + Arrays.toString(changedProperties.toArray()) + + ", removedProperties=" + Arrays.toString(removedProperties.toArray()) + "]"; + } + } +} \ No newline at end of file Modified: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletUpdateTest.java URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletUpdateTest.java?rev=1528467&r1=1528466&r2=1528467&view=diff ============================================================================== --- sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletUpdateTest.java (original) +++ sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/servlets/post/PostServletUpdateTest.java Wed Oct 2 13:31:27 2013 @@ -208,170 +208,4 @@ public void testPostPathIsUnique() throw json = new JSONObject(content); assertTrue("jcr:primaryType isn't set correctly", json.getString("jcr:primaryType").equals("sling:Folder")); } - - /** - * Test for SLING-897 fix: - * 1. Updating a property requires jcr:modifyProperties privilege on node. - * 2. When changing an existing property observers should receive a PROPERTY_CHANGED event instead - * of a PROPERTY_REMOVED event and a PROPERTY_ADDED event - */ - public void testUpdatePropertyPrivilegesAndEvents() throws IOException, JSONException, RepositoryException, InterruptedException { - //1. Create user as admin (OK) - // curl -F:name=myuser -Fpwd=password -FpwdConfirm=password http://admin:admin@localhost:8080/system/userManager/user.create.html - testUserId = createTestUser(); - - //2. Create node as admin (OK) - // curl -F:nameHint=node -FpropOne=propOneValue1 -FpropOne=propOneValue2 -FpropTwo=propTwoValue http://admin:admin@localhost:8080/test/ - final String createTestNodeUrl = postUrl + SlingPostConstants.DEFAULT_CREATE_SUFFIX; - NameValuePairList clientNodeProperties = new NameValuePairList(); - clientNodeProperties.add(SlingPostConstants.RP_NODE_NAME_HINT, getName()); - clientNodeProperties.add("propOne", "propOneValue1"); - clientNodeProperties.add("propOne", "propOneValue2"); - clientNodeProperties.add("propTwo", "propTwoValue"); - String testNodeUrl = testClient.createNode(createTestNodeUrl, clientNodeProperties, null, false); - - String content = getContent(testNodeUrl + ".json", CONTENT_TYPE_JSON); - JSONObject json = new JSONObject(content); - Object propOneObj = json.opt("propOne"); - assertTrue(propOneObj instanceof JSONArray); - assertEquals(2, ((JSONArray)propOneObj).length()); - assertEquals("propOneValue1", ((JSONArray)propOneObj).get(0)); - assertEquals("propOneValue2", ((JSONArray)propOneObj).get(1)); - - Object propTwoObj = json.opt("propTwo"); - assertTrue(propTwoObj instanceof String); - assertEquals("propTwoValue", propTwoObj); - - - //3. Attempt to update property of node as testUser (500: javax.jcr.AccessDeniedException: /test/node/propOne: not allowed to add or modify item) - // curl -FpropOne=propOneValueChanged -FpropTwo=propTwoValueChanged1 -FpropTwo=propTwoValueChanged2 http://myuser:password@localhost:8080/test/node - List postParams = new ArrayList(); - postParams.add(new NameValuePair("propOne", "propOneValueChanged")); - postParams.add(new NameValuePair("propTwo", "propTwoValueChanged1")); - postParams.add(new NameValuePair("propTwo", "propTwoValueChanged2")); - Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); - String expectedMessage = "Expected javax.jcr.AccessDeniedException"; - assertAuthenticatedPostStatus(testUserCreds, testNodeUrl, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, expectedMessage); - - //4. Grant jcr:modifyProperties rights to testUser as admin (OK) - // curl -FprincipalId=myuser -Fprivilege@jcr:modifyProperties=granted http://admin:admin@localhost:8080/test/node.modifyAce.html - Map nodeAceProperties = new HashMap(); - nodeAceProperties.put("principalId", testUserId); - nodeAceProperties.put("privilege@jcr:modifyProperties", "granted"); - testClient.createNode(testNodeUrl + ".modifyAce.html", nodeAceProperties); - - //use a davex session to verify the correct JCR events are delivered - Repository repository = JcrUtils.getRepository(HTTP_BASE_URL + "/server/"); - Session jcrSession = null; - TestEventListener listener = new TestEventListener(); - ObservationManager observationManager = null; - try { - jcrSession = repository.login(new SimpleCredentials("admin", "admin".toCharArray())); - observationManager = jcrSession.getWorkspace().getObservationManager(); - String testNodePath = testNodeUrl.substring(HTTP_BASE_URL.length()); - observationManager.addEventListener(listener, - Event.PROPERTY_ADDED | Event.PROPERTY_CHANGED | Event.PROPERTY_REMOVED, //event types - testNodePath, //absPath - true, //isDeep - null, //uuid - null, //nodeTypeName - false); //noLocal - - //5. Attempt to update properties of node (OK) - // curl -FpropOne=propOneValueChanged -FpropTwo=propTwoValueChanged1 -FpropTwo=propTwoValueChanged2 http://myuser:password@localhost:8080/test/node - assertAuthenticatedPostStatus(testUserCreds, testNodeUrl, HttpServletResponse.SC_OK, postParams, expectedMessage); - - //verify the change happened - String afterUpdateContent = getContent(testNodeUrl + ".json", CONTENT_TYPE_JSON); - JSONObject afterUpdateJson = new JSONObject(afterUpdateContent); - Object afterUpdatePropOneObj = afterUpdateJson.opt("propOne"); - assertTrue(afterUpdatePropOneObj instanceof JSONArray); - assertEquals(1, ((JSONArray)afterUpdatePropOneObj).length()); - assertEquals("propOneValueChanged", ((JSONArray)afterUpdatePropOneObj).get(0)); - - Object afterUpdatePropTwoObj = afterUpdateJson.opt("propTwo"); - assertTrue(afterUpdatePropTwoObj instanceof JSONArray); - assertEquals(2, ((JSONArray)afterUpdatePropTwoObj).length()); - assertEquals("propTwoValueChanged1", ((JSONArray)afterUpdatePropTwoObj).get(0)); - assertEquals("propTwoValueChanged2", ((JSONArray)afterUpdatePropTwoObj).get(1)); - - //wait for the expected JCR events to be delivered - for (int second = 0; second < 15; second++) { - if (listener.getEventBundlesProcessed() > 0) { - break; - } - Thread.sleep(1000); - } - - assertEquals("One property added event was expected: " + listener.toString(), - 1, listener.addedProperties.size()); - assertEquals(testNodePath + "/propTwo", listener.addedProperties.get(0)); - assertEquals("One property removed event was expected: " + listener.toString(), - 1, listener.removedProperties.size()); - assertEquals(testNodePath + "/propTwo", listener.removedProperties.get(0)); - assertEquals("One property changed event was expected: " + listener.toString(), - 1, listener.changedProperties.size()); - assertEquals(testNodePath + "/propOne", listener.changedProperties.get(0)); - } finally { - //cleanup - if (observationManager != null) { - observationManager.removeEventListener(listener); - } - jcrSession.logout(); - repository = null; - } - } - - protected class TestEventListener implements EventListener { - protected List changedProperties = new ArrayList(); - protected List addedProperties = new ArrayList(); - protected List removedProperties = new ArrayList(); - - protected int eventBundlesProcessed = 0; - - public void onEvent(EventIterator eventIterator) { - try { - while (eventIterator.hasNext()) { - Event event = eventIterator.nextEvent(); - int type = event.getType(); - switch (type) { - case Event.PROPERTY_CHANGED: - changedProperties.add(event.getPath()); - break; - case Event.PROPERTY_ADDED: - addedProperties.add(event.getPath()); - break; - case Event.PROPERTY_REMOVED: - removedProperties.add(event.getPath()); - break; - } - } - eventBundlesProcessed++; - } catch (RepositoryException e) { - fail(e.getMessage()); - } - } - - public int getEventBundlesProcessed() { - return eventBundlesProcessed; - } - - public void clear() { - changedProperties.clear(); - addedProperties.clear(); - removedProperties.clear(); - eventBundlesProcessed = 0; - } - - /* (non-Javadoc) - * @see java.lang.Object#toString() - */ - @Override - public String toString() { - return "TestEventListener [addedProperties=" + Arrays.toString(addedProperties.toArray()) - + ", changedProperties=" + Arrays.toString(changedProperties.toArray()) - + ", removedProperties=" + Arrays.toString(removedProperties.toArray()) + "]"; - } - } - } \ No newline at end of file