jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r689499 [8/11] - in /jackrabbit/trunk: jackrabbit-api/src/main/java/org/apache/jackrabbit/api/jsr283/ jackrabbit-api/src/main/java/org/apache/jackrabbit/api/jsr283/retention/ jackrabbit-api/src/main/java/org/apache/jackrabbit/api/jsr283/sec...
Date Wed, 27 Aug 2008 15:12:07 GMT
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java Wed Aug 27 08:12:04 2008
@@ -20,28 +20,20 @@
 
 import javax.jcr.PathNotFoundException;
 import javax.jcr.RepositoryException;
+import javax.jcr.Session;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
+import java.util.Iterator;
 
 /**
  * <code>AccessControlDiscoveryTest</code>...
  */
 public class AccessControlDiscoveryTest extends AbstractAccessControlTest {
 
-    private Privilege getPrivilege(String name) throws RepositoryException, NotExecutableException {
-        Privilege[] privileges = acMgr.getSupportedPrivileges(testRootNode.getPath());
-        for (int i = 0; i < privileges.length; i++) {
-            if (name.equals(privileges[i].getName())) {
-                return privileges[i];
-            }
-        }
-        throw new NotExecutableException();
-    }
-
     public void testGetSupportedPrivileges() throws RepositoryException {
         // retrieving supported privileges:
         // Quote from spec:
@@ -57,21 +49,60 @@
 
         // test if those privileges are present:
         String msg = "A repository must support the privilege ";
-        assertTrue(msg + Privilege.READ, names.contains(Privilege.READ));
-        assertTrue(msg + Privilege.ADD_CHILD_NODES, names.contains(Privilege.ADD_CHILD_NODES));
-        assertTrue(msg + Privilege.REMOVE_CHILD_NODES, names.contains(Privilege.REMOVE_CHILD_NODES));
-        assertTrue(msg + Privilege.MODIFY_PROPERTIES, names.contains(Privilege.MODIFY_PROPERTIES));
-        assertTrue(msg + Privilege.READ_ACCESS_CONTROL, names.contains(Privilege.READ_ACCESS_CONTROL));
-        assertTrue(msg + Privilege.MODIFY_ACCESS_CONTROL, names.contains(Privilege.MODIFY_ACCESS_CONTROL));
-        assertTrue(msg + Privilege.WRITE, names.contains(Privilege.WRITE));
-        assertTrue(msg + Privilege.ALL, names.contains(Privilege.ALL));
+        assertTrue(msg + Privilege.JCR_READ, names.contains(getJCRName(Privilege.JCR_READ, superuser)));
+        assertTrue(msg + Privilege.JCR_ADD_CHILD_NODES, names.contains(getJCRName(Privilege.JCR_ADD_CHILD_NODES, superuser)));
+        assertTrue(msg + Privilege.JCR_REMOVE_CHILD_NODES, names.contains(getJCRName(Privilege.JCR_REMOVE_CHILD_NODES, superuser)));
+        assertTrue(msg + Privilege.JCR_MODIFY_PROPERTIES, names.contains(getJCRName(Privilege.JCR_MODIFY_PROPERTIES, superuser)));
+        assertTrue(msg + Privilege.JCR_REMOVE_NODE, names.contains(getJCRName(Privilege.JCR_REMOVE_NODE, superuser)));
+        assertTrue(msg + Privilege.JCR_READ_ACCESS_CONTROL, names.contains(getJCRName(Privilege.JCR_READ_ACCESS_CONTROL, superuser)));
+        assertTrue(msg + Privilege.JCR_MODIFY_ACCESS_CONTROL, names.contains(getJCRName(Privilege.JCR_MODIFY_ACCESS_CONTROL, superuser)));
+        assertTrue(msg + Privilege.JCR_WRITE, names.contains(getJCRName(Privilege.JCR_WRITE, superuser)));
+        assertTrue(msg + Privilege.JCR_ALL, names.contains(getJCRName(Privilege.JCR_ALL, superuser)));
+    }
+
+    public void testPrivilegeFromName() throws RepositoryException {
+        Privilege[] privileges = acMgr.getSupportedPrivileges(testRootNode.getPath());
+        for (int i = 0; i < privileges.length; i++) {
+            Privilege p = acMgr.privilegeFromName(privileges[i].getName());
+            assertEquals("Expected equal privilege name.", privileges[i].getName(), p.getName());
+            assertEquals("Expected equal privilege.", privileges[i], p);
+        }
+    }
+
+    public void testMandatoryPrivilegeFromName() throws RepositoryException {
+        List l = new ArrayList();
+        l.add(getJCRName(Privilege.JCR_READ, superuser));
+        l.add(getJCRName(Privilege.JCR_ADD_CHILD_NODES, superuser));
+        l.add(getJCRName(Privilege.JCR_REMOVE_CHILD_NODES, superuser));
+        l.add(getJCRName(Privilege.JCR_MODIFY_PROPERTIES, superuser));
+        l.add(getJCRName(Privilege.JCR_REMOVE_NODE, superuser));
+        l.add(getJCRName(Privilege.JCR_READ_ACCESS_CONTROL, superuser));
+        l.add(getJCRName(Privilege.JCR_MODIFY_ACCESS_CONTROL, superuser));
+        l.add(getJCRName(Privilege.JCR_WRITE, superuser));
+        l.add(getJCRName(Privilege.JCR_ALL, superuser));
+
+        for (Iterator it = l.iterator(); it.hasNext();) {
+            String privName = it.next().toString();
+            Privilege p = acMgr.privilegeFromName(privName);
+            assertEquals("Expected equal privilege name.", privName, p.getName());
+        }
+    }
+
+    public void testUnknownPrivilegeFromName() throws RepositoryException {
+        String unknownPrivilegeName = Math.random() + "";
+        try {
+            acMgr.privilegeFromName(unknownPrivilegeName);
+            fail(unknownPrivilegeName + " isn't the name of a known privilege.");
+        } catch (AccessControlException e) {
+            // success
+        }
     }
 
     public void testAllPrivilegeContainsAll() throws RepositoryException, NotExecutableException {
         Privilege[] supported = acMgr.getSupportedPrivileges(testRootNode.getPath());
 
         Set allSet = new HashSet();
-        Privilege all = getPrivilege(Privilege.ALL);
+        Privilege all = acMgr.privilegeFromName(Privilege.JCR_ALL);
         allSet.addAll(Arrays.asList(all.getAggregatePrivileges()));
 
         String msg = "The all privilege must also contain ";
@@ -87,22 +118,37 @@
     }
 
     public void testAllPrivilege() throws RepositoryException, NotExecutableException {
-        Privilege all = getPrivilege(Privilege.ALL);
+        Privilege all = acMgr.privilegeFromName(Privilege.JCR_ALL);
         assertFalse("All privilege must be not be abstract.", all.isAbstract());
         assertTrue("All privilege must be an aggregate privilege.", all.isAggregate());
-        assertEquals("The name of the all privilege must be " + Privilege.ALL, all.getName(), Privilege.ALL);
+        String expected = getJCRName(Privilege.JCR_ALL, superuser);
+        assertEquals("The name of the all privilege must be " + expected, expected, all.getName());
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     * @throws NotExecutableException
+     */
     public void testWritePrivilege() throws RepositoryException, NotExecutableException {
-        Privilege w = getPrivilege(Privilege.WRITE);
+        Privilege w = acMgr.privilegeFromName(Privilege.JCR_WRITE);
         assertTrue("Write privilege must be an aggregate privilege.", w.isAggregate());
-        assertEquals("The name of the write privilege must be " + Privilege.WRITE, w.getName(), Privilege.WRITE);
+        String expected = getJCRName(Privilege.JCR_WRITE, superuser);
+        assertEquals("The name of the write privilege must be " + expected, expected, w.getName());
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     */
     public void testGetPrivileges() throws RepositoryException {
         acMgr.getPrivileges(testRootNode.getPath());
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     */
     public void testGetPrivilegesOnNonExistingNode() throws RepositoryException {
         String path = getPathToNonExistingNode();
         try {
@@ -113,6 +159,11 @@
         }
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     * @throws NotExecutableException
+     */
     public void testGetPrivilegesOnProperty() throws RepositoryException, NotExecutableException {
         String path = getPathToProperty();
         try {
@@ -123,11 +174,19 @@
         }
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     */
     public void testHasPrivileges() throws RepositoryException {
         Privilege[] privs = acMgr.getPrivileges(testRootNode.getPath());
         assertTrue(acMgr.hasPrivileges(testRootNode.getPath(), privs));
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     */
     public void testHasIndividualPrivileges() throws RepositoryException {
         Privilege[] privs = acMgr.getPrivileges(testRootNode.getPath());
 
@@ -137,9 +196,14 @@
         }
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     * @throws NotExecutableException
+     */
     public void testNotHasPrivileges() throws RepositoryException, NotExecutableException {
         Privilege[] privs = acMgr.getPrivileges(testRootNode.getPath());
-        Privilege all = getPrivilege(Privilege.ALL);
+        Privilege all = acMgr.privilegeFromName(Privilege.JCR_ALL);
 
         // remove all privileges that are granted.
         Set notGranted = new HashSet(Arrays.asList(all.getAggregatePrivileges()));
@@ -160,6 +224,10 @@
         }
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     */
     public void testHasPrivilegesOnNotExistingNode() throws RepositoryException {
         String path = getPathToNonExistingNode();
         try {
@@ -170,6 +238,11 @@
         }
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     * @throws NotExecutableException
+     */
     public void testHasPrivilegesOnProperty() throws RepositoryException, NotExecutableException {
         String path = getPathToProperty();
         try {
@@ -180,7 +253,23 @@
         }
     }
 
+    /**
+     *
+     * @throws RepositoryException
+     * @throws NotExecutableException
+     */
     public void testHasPrivilegesEmptyArray() throws RepositoryException, NotExecutableException {
         assertTrue(acMgr.hasPrivileges(testRootNode.getPath(), new Privilege[0]));
     }
+
+    //--------------------------------------------------------------------------
+    /**
+     * Retrieve the 'real' jcr name from a given privilege name constant.
+     */
+    private static String getJCRName(String privilegeNameConstant, Session session) throws RepositoryException {
+        int pos = privilegeNameConstant.indexOf('}');
+        String uri = privilegeNameConstant.substring(1, pos);
+        String localName = privilegeNameConstant.substring(pos + 1);
+        return session.getNamespacePrefix(uri) + ":" + localName;
+    }
 }
\ No newline at end of file

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,496 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.api.jsr283.security;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.jackrabbit.test.NotExecutableException;
+import org.apache.jackrabbit.core.SessionImpl;
+import org.apache.jackrabbit.core.security.TestPrincipal;
+
+import javax.jcr.Node;
+import javax.jcr.Session;
+import javax.jcr.RepositoryException;
+import javax.jcr.AccessDeniedException;
+import java.util.Iterator;
+import java.util.Arrays;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Set;
+import java.security.Principal;
+import java.security.acl.Group;
+
+/**
+ * <code>AccessControlEntryTest</code>...
+ */
+public class AccessControlListTest extends AbstractAccessControlTest {
+
+    private static Logger log = LoggerFactory.getLogger(AccessControlListTest.class);
+
+    private String path;
+    private Privilege[] privs;
+    private Principal testPrincipal;
+
+    private List privilegesToRestore = new ArrayList();
+
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        // TODO: test if options is supported
+        //checkSupportedOption(superuser, Repository.OPTION_ACCESS_CONTROL_SUPPORTED);
+
+        // TODO: retrieve targetPath from configuration
+        Node n = testRootNode.addNode(nodeName1, testNodeType);
+        superuser.save();
+        path = n.getPath();
+
+        privs = acMgr.getSupportedPrivileges(path);
+        if (privs.length == 0) {
+            throw new NotExecutableException("No supported privileges at absPath " + path);
+        }
+
+        // TODO: make sure, entries to ADD are not present yet.
+        // TODO: retrieve principal name from tck-Configuration
+        // TODO: get rid of SessionImpl dependency
+        Session s = superuser;
+        if (s instanceof SessionImpl) {
+            for (Iterator it = ((SessionImpl) s).getSubject().getPrincipals().iterator(); it.hasNext();) {
+                Principal p = (Principal) it.next();
+                if (!(p instanceof Group)) {
+                    testPrincipal = p;
+                }
+            }
+            if (testPrincipal == null) {
+                throw new NotExecutableException("Test principal missing.");
+            }
+        } else {
+            throw new NotExecutableException("SessionImpl expected");
+        }
+
+        // remember existing entries for test-principal -> later restore.
+        privilegesToRestore = currentPrivileges(getList(acMgr, path), testPrincipal);
+    }
+
+    protected void tearDown() throws Exception {
+        try {
+            // TODO: review if correct.
+            // restore original entries (remove others).
+            AccessControlList list = getList(acMgr, path);
+            AccessControlEntry[] entries = list.getAccessControlEntries();
+            for (int i = 0; i < entries.length; i++) {
+                AccessControlEntry ace = entries[i];
+                if (testPrincipal.equals(ace.getPrincipal())) {
+                    list.removeAccessControlEntry(ace);
+                }
+            }
+            list.addAccessControlEntry(testPrincipal, (Privilege[]) privilegesToRestore.toArray(new Privilege[privilegesToRestore.size()]));
+            superuser.save();
+        } catch (Exception e) {
+            AccessControlListTest.log.error("Unexpected error while removing test entries.", e);
+        }
+        super.tearDown();
+    }
+
+    private static AccessControlList getList(AccessControlManager acMgr, String path)
+            throws NotExecutableException, AccessDeniedException, RepositoryException {
+        for (AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path); it.hasNext();) {
+            AccessControlPolicy acp = it.nextAccessControlPolicy();
+            if (acp instanceof AccessControlList) {
+                return (AccessControlList) acp;
+            }
+        }
+        throw new NotExecutableException("No applicable AccessControlList at " + path);
+    }
+
+    private static List currentPrivileges(AccessControlList acl, Principal principal) throws RepositoryException {
+        List privileges = new ArrayList();
+        AccessControlEntry[] entries = acl.getAccessControlEntries();
+        for (int i = 0; i < entries.length; i++) {
+            AccessControlEntry ace = entries[i];
+            if (principal.equals(ace.getPrincipal())) {
+                privileges.addAll(Arrays.asList(ace.getPrivileges()));
+            }
+        }
+        return privileges;
+    }
+
+    public void testGetAccessControlEntries() throws RepositoryException, AccessDeniedException, NotExecutableException {
+        checkCanReadAc(path);
+        AccessControlList acl = getList(acMgr, path);
+
+        // call must succeed.
+        AccessControlEntry[] entries = acl.getAccessControlEntries();
+        assertNotNull("AccessControlList#getAccessControlEntries must not return null.", entries);
+        for (int i = 0; i < entries.length; i++) {
+            assertNotNull("An ACE must contain a principal", entries[i].getPrincipal());
+            Privilege[] privs = entries[i].getPrivileges();
+            assertTrue("An ACE must contain at least a single privilege", privs != null && privs.length > 0);
+        }
+    }
+
+    public void testAddAccessControlEntry() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        Privilege[] privileges = new Privilege[] {privs[0]};
+        AccessControlList acl = getList(acMgr, path);
+
+        AccessControlEntry entry = null;
+        if (acl.addAccessControlEntry(testPrincipal, privileges)) {
+            AccessControlEntry[] aces = acl.getAccessControlEntries();
+            for (int i = 0; i < aces.length; i++) {
+                if (aces[i].getPrincipal().equals(testPrincipal) &&
+                    Arrays.asList(privileges).equals(Arrays.asList(aces[i].getPrivileges()))) {
+                    entry = aces[i];
+                }
+            }
+            if (entry == null) throw new NotExecutableException();
+        } else {
+            throw new NotExecutableException();
+
+        }
+        assertEquals("Principal name of the ACE must be equal to the name of the passed Principal", testPrincipal.getName(), entry.getPrincipal().getName());
+        assertEquals("Privileges of the ACE must be equal to the passed ones", Arrays.asList(privileges), Arrays.asList(entry.getPrivileges()));
+    }
+
+    public void testAddAggregatePrivilege() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        Privilege aggregate = null;
+        for (int i = 0; i < privs.length; i++) {
+            if (privs[i].isAggregate()) {
+                aggregate = privs[i];
+                break;
+            }
+        }
+        if (aggregate == null) {
+            throw new NotExecutableException("No aggregate privilege supported at " + path);
+        }
+
+        AccessControlList acl = getList(acMgr, path);
+        acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});
+
+        // make sure all privileges are present now
+        List privs = currentPrivileges(acl, testPrincipal);
+        assertTrue("Privileges added through 'addAccessControlEntry' must be " +
+                "reflected upon getAccessControlEntries",
+                privs.contains(aggregate) || privs.containsAll(Arrays.asList(aggregate.getAggregatePrivileges())));
+    }
+
+    public void testAddAggregatedPrivilegesSeparately() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        Privilege aggregate = null;
+        for (int i = 0; i < privs.length; i++) {
+            if (privs[i].isAggregate()) {
+                aggregate = privs[i];
+                break;
+            }
+        }
+        if (aggregate == null) {
+            throw new NotExecutableException("No aggregate privilege supported at " + path);
+        }
+
+        AccessControlList acl = getList(acMgr, path);
+        acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});
+
+        Privilege[] privs = aggregate.getAggregatePrivileges();
+        for (int i = 0; i < privs.length; i++) {
+            boolean modified = acl.addAccessControlEntry(testPrincipal, new Privilege[] {privs[i]});
+            assertFalse("Adding the aggregated privs individually later on must not modify the policy", modified);
+        }
+    }
+
+    public void testAddPrivilegesPresentInEntries() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        AccessControlList acl = getList(acMgr, path);
+        acl.addAccessControlEntry(testPrincipal, privs);
+
+        Set assignedPrivs = new HashSet();
+        AccessControlEntry[] entries = acl.getAccessControlEntries();
+        for (int i = 0; i < entries.length; i++) {
+            if (entries[i].getPrincipal().equals(testPrincipal)) {
+                Privilege[] prvs = entries[i].getPrivileges();
+                for (int j = 0; j < prvs.length; j++) {
+                    if (prvs[j].isAggregate()) {
+                        assignedPrivs.addAll(Arrays.asList(prvs[j].getAggregatePrivileges()));
+                    } else {
+                        assignedPrivs.add(prvs[j]);
+                    }
+                }
+            }
+        }
+
+        Set expected = new HashSet();
+        for (int i = 0; i < privs.length; i++) {
+            if (privs[i].isAggregate()) {
+                expected.addAll(Arrays.asList(privs[i].getAggregatePrivileges()));
+            } else {
+                expected.add(privs[i]);
+            }
+        }
+        assertTrue("getAccessControlEntries must contain an entry or entries that grant at least the added privileges.", assignedPrivs.containsAll(expected));
+    }
+
+    public void testAddAccessControlEntryAndSetPolicy() throws RepositoryException, NotExecutableException {
+        checkCanModifyAc(path);
+
+        AccessControlList acl = getList(acMgr, path);
+        List originalAces = Arrays.asList(acl.getAccessControlEntries());
+
+        if (!acl.addAccessControlEntry(testPrincipal, privs)) {
+            throw new NotExecutableException();
+        }
+
+        // re-access ACL from AC-Manager -> must not yet have changed
+        assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", originalAces, Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+
+        // setting the modified policy -> policy must change.
+        acMgr.setPolicy(path, acl);
+        assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", Arrays.asList(acl.getAccessControlEntries()), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+    }
+
+    public void testAddAccessControlEntryIsTransient() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        AccessControlList acl = getList(acMgr, path);
+        List originalAces = Arrays.asList(acl.getAccessControlEntries());
+
+        if (!acl.addAccessControlEntry(testPrincipal, privs)) {
+            throw new NotExecutableException();
+        }
+        // set the policy (see #testAddAccessControlEntryAndSetPolicy)
+        acMgr.setPolicy(path, acl);
+
+        // revert the changes made
+        superuser.refresh(false);
+        assertEquals("After calling Session.refresh() any changes to a nodes policies must be reverted.", originalAces, Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+    }
+
+    public void testAddAccessControlEntryInvalidPrincipal() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+        try {
+            // TODO: retrieve unknown principal name from config
+            Principal invalidPrincipal = new TestPrincipal("an_unknown_principal");
+            AccessControlList acl = getList(acMgr, path);
+            acl.addAccessControlEntry(invalidPrincipal, privs);
+            fail("Adding an entry with an unknown principal must throw AccessControlException.");
+        } catch (AccessControlException e) {
+            // success.
+        } finally {
+            superuser.refresh(false);
+        }
+    }
+
+    public void testAddAccessControlEntryEmptyPrivilegeArray() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        try {
+            Privilege[] invalidPrivs = new Privilege[0];
+            AccessControlList acl = getList(acMgr, path);
+            acl.addAccessControlEntry(testPrincipal, invalidPrivs);
+            fail("Adding an entry with an invalid privilege array must throw AccessControlException.");
+        } catch (AccessControlException e) {
+            // success.
+        } finally {
+            superuser.refresh(false);
+        }
+    }
+
+    public void testAddAccessControlEntryInvalidPrivilege() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        try {
+            Privilege[] invalidPrivs = new Privilege[] {new Privilege() {
+                public String getName() {
+                    return null;
+                }
+                public boolean isAbstract() {
+                    return false;
+                }
+                public boolean isAggregate() {
+                    return false;
+                }
+                public Privilege[] getDeclaredAggregatePrivileges() {
+                    return new Privilege[0];
+                }
+                public Privilege[] getAggregatePrivileges() {
+                    return new Privilege[0];
+                }
+            }};
+            AccessControlList acl = getList(acMgr, path);
+            acl.addAccessControlEntry(testPrincipal, invalidPrivs);
+            fail("Adding an entry with an invalid privilege must throw AccessControlException.");
+        } catch (AccessControlException e) {
+            // success.
+        } finally {
+            superuser.refresh(false);
+        }
+    }
+
+    public void testRemoveAccessControlEntry() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        AccessControlList acl = getList(acMgr, path);
+        AccessControlEntry[] entries = acl.getAccessControlEntries();
+        if (entries.length > 0) {
+            AccessControlEntry ace = entries[0];
+            acl.removeAccessControlEntry(ace);
+
+            // retrieve entries again:
+            List remainingEntries = Arrays.asList(acl.getAccessControlEntries());
+            assertFalse("AccessControlList.getAccessControlEntries still returns a removed ACE.", remainingEntries.contains(ace));
+        }
+    }
+
+    public void testRemoveAddedAccessControlEntry() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        AccessControlList acl = getList(acMgr, path);
+        acl.addAccessControlEntry(testPrincipal, privs);
+
+        AccessControlEntry[] aces = acl.getAccessControlEntries();
+        for (int i = 0; i < aces.length; i++) {
+            acl.removeAccessControlEntry(aces[i]);
+        }
+        assertEquals("After removing all ACEs the ACL must be empty", 0, acl.getAccessControlEntries().length);
+    }
+
+    public void testRemoveAccessControlEntryAndSetPolicy() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        // add a new ACE that can be removed later on.
+        AccessControlList acl = getList(acMgr, path);
+        if (!acl.addAccessControlEntry(testPrincipal, privs)) {
+            throw new NotExecutableException();
+        } else {
+            acMgr.setPolicy(path, acl);
+        }
+
+        // try to re-access the modifiable ACL in order to remove the ACE
+        // added before.
+        acl = getList(acMgr, path);
+        AccessControlEntry ace = null;
+        AccessControlEntry[] aces = acl.getAccessControlEntries();
+        if (aces.length == 0) {
+            throw new NotExecutableException();
+        } else {
+            ace = aces[0];
+            acl.removeAccessControlEntry(ace);
+        }
+
+        // before setting the policy again -> no changes visible.
+        assertEquals("Removal of an ACE must only be visible upon 'setPolicy'", Arrays.asList(aces), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+
+        // set policy again.
+        acMgr.setPolicy(path, acl);
+        assertEquals("After 'setPolicy' the ACE-removal must be visible to the editing session.", Arrays.asList(acl.getAccessControlEntries()), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+    }
+
+    public void testRemoveAccessControlEntryIsTransient() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        AccessControlList acl = getList(acMgr, path);
+        // make sure an ACE is present and modifications are persisted.
+        if (acl.addAccessControlEntry(testPrincipal, privs)) {
+            acMgr.setPolicy(path, acl);
+            superuser.save();
+        } else {
+            throw new NotExecutableException();
+        }
+
+        // retrieve ACL again -> transient removal of the ace
+        acl = getList(acMgr, path);
+        AccessControlEntry ace = acl.getAccessControlEntries()[0];
+        acl.removeAccessControlEntry(ace);
+        acMgr.setPolicy(path, acl);
+
+        // revert changes -> removed entry must be present again.
+        superuser.refresh(false);
+        List entries = Arrays.asList(getList(acMgr, path).getAccessControlEntries());
+        assertTrue("After reverting any changes the removed ACE should be present again.", entries.contains(ace));
+    }
+
+    public void testRemoveIllegalAccessControlEntry() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+        try {
+            AccessControlEntry entry = new AccessControlEntry() {
+                public Principal getPrincipal() {
+                    return testPrincipal;
+                }
+                public Privilege[] getPrivileges() {
+                    return privs;
+                }
+            };
+            AccessControlList acl = getList(acMgr, path);
+            acl.removeAccessControlEntry(entry);
+            fail("AccessControlManager.removeAccessControlEntry with an unknown entry must throw AccessControlException.");
+        } catch (AccessControlException e) {
+            // ok
+        }
+    }
+
+    public void testAddAccessControlEntryTwice() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+        AccessControlList acl = getList(acMgr, path);
+        if (acl.addAccessControlEntry(testPrincipal, privs)) {
+            assertFalse("Adding the same ACE twice should not modify the AC-List.",
+                    acl.addAccessControlEntry(testPrincipal, privs));
+        }
+    }
+
+    public void testAddAccessControlEntryAgain() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+
+        AccessControlList list = getList(acMgr, path);
+        AccessControlEntry[] entries = list.getAccessControlEntries();
+        if (entries.length > 0) {
+            assertFalse("Adding an existing entry again must not modify the AC-List",
+                    list.addAccessControlEntry(entries[0].getPrincipal(), entries[0].getPrivileges()));
+        } else {
+            throw new NotExecutableException();
+        }
+    }
+
+    public void testExtendPrivileges() throws NotExecutableException, RepositoryException {
+        checkCanModifyAc(path);
+        // search 2 non-aggregated privileges
+        List twoPrivs = new ArrayList(2);
+        for (int i = 0; i < privs.length && twoPrivs.size() < 2; i++) {
+            if (!privs[i].isAggregate()) {
+                twoPrivs.add(privs[i]);
+            }
+        }
+        if (twoPrivs.size() < 2) {
+            throw new NotExecutableException("At least 2 supported, non-aggregate privileges required at " + path);
+        }
+
+        AccessControlList acl = getList(acMgr, path);
+        Privilege privilege = (Privilege) twoPrivs.get(0);
+        // add first privilege:
+        acl.addAccessControlEntry(testPrincipal, new Privilege[] {privilege});
+
+        // add a second privilege (but not specifying the privilege added before)
+        // -> the first privilege must not be removed.
+        Privilege privilege2 = (Privilege) twoPrivs.get(1);
+        acl.addAccessControlEntry(testPrincipal, new Privilege[] {privilege2});
+
+        List currentPrivileges = currentPrivileges(acl, testPrincipal);
+        assertTrue("'AccessControlList.addAccessControlEntry' must not remove privileges added before", currentPrivileges.containsAll(twoPrivs));
+    }
+}

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision url

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java Wed Aug 27 08:12:04 2008
@@ -37,7 +37,7 @@
     protected void setUp() throws Exception {
         super.setUp();
 
-        // policy-option is cover the by the 'OPTION_SIMPLE_ACCESS_CONTROL_SUPPORTED' -> see super-class
+        // policy-option is cover the by the 'OPTION_ACCESS_CONTROL_SUPPORTED' -> see super-class
 
         Node n = testRootNode.addNode(nodeName1, testNodeType);
         superuser.save();

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java Wed Aug 27 08:12:04 2008
@@ -26,11 +26,13 @@
 import javax.jcr.PathNotFoundException;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
-import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
+import java.util.Arrays;
+import java.util.Map;
+import java.util.HashMap;
 
 /**
  * <code>AccessControlPolicyTest</code>...
@@ -40,12 +42,12 @@
     private static Logger log = LoggerFactory.getLogger(AccessControlPolicyTest.class);
 
     private String path;
-    private List addedPolicies = new ArrayList();
+    private Map addedPolicies = new HashMap();
 
     protected void setUp() throws Exception {
         super.setUp();
 
-        // policy-option is cover the by the 'OPTION_SIMPLE_ACCESS_CONTROL_SUPPORTED' -> see super-class
+        // policy-option is cover the by the 'OPTION_ACCESS_CONTROL_SUPPORTED' -> see super-class
 
         Node n = testRootNode.addNode(nodeName1, testNodeType);
         superuser.save();
@@ -54,81 +56,60 @@
 
     protected void tearDown() throws Exception {
         try {
-            for (Iterator it = addedPolicies.iterator(); it.hasNext();) {
+            for (Iterator it = addedPolicies.keySet().iterator(); it.hasNext();) {
                 String path = it.next().toString();
-                acMgr.removePolicy(path);
+                AccessControlPolicy policy = (AccessControlPolicy) addedPolicies.get(path);
+                acMgr.removePolicy(path, policy);
             }
             superuser.save();
         } catch (Exception e) {
             log.error("Unexpected error while removing test policies.", e);
         }
+        addedPolicies.clear();
         super.tearDown();
     }
 
-    private AccessControlPolicy buildInvalidPolicy(String path) throws RepositoryException, AccessDeniedException {
-        List applicable = new ArrayList();
-        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
-        while (it.hasNext()) {
-            applicable.add(it.nextAccessControlPolicy().getName());
-        }
-
-        String name = "invalidPolicy";
-        int index = 0;
-        while (applicable.contains(name)) {
-            name = "invalidPolicy" + index;
-            index++;
-        }
-        final String policyName = name;
-        return new AccessControlPolicy() {
-
-            public String getName() throws RepositoryException {
-                return policyName;
-            }
-            public String getDescription() throws RepositoryException {
-                return null;
-            }
-        };
-    }
-
-    public void testGetEffectivePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
+    public void testGetEffectivePolicies() throws RepositoryException, AccessDeniedException, NotExecutableException {
         checkCanReadAc(path);
         // call must succeed without exception
-        AccessControlPolicy policy = acMgr.getEffectivePolicy(path);
-        if (policy != null) {
-            assertTrue("The name of an AccessControlPolicy must not be null.", policy.getName() != null);
-        } else {
-            // no policy present on that node. // TODO: check if possible.
+        AccessControlPolicy[] policies = acMgr.getEffectivePolicies(path);
+        if (policies == null && policies.length == 0) {
+            fail("To every existing node at least a single effective policy applies.");
         }
     }
 
-    public void testGetEffectivePolicyForNonExistingNode() throws RepositoryException, AccessDeniedException, NotExecutableException {
+    public void testGetEffectivePoliciesForNonExistingNode() throws RepositoryException, AccessDeniedException, NotExecutableException {
         String path = getPathToNonExistingNode();
         try {
-            acMgr.getEffectivePolicy(path);
+            acMgr.getEffectivePolicies(path);
             fail("AccessControlManager.getEffectivePolicy for an invalid absPath must throw PathNotFoundException.");
         } catch (PathNotFoundException e) {
             // ok
         }
     }
 
-    public void testGetEffectivePolicyForProperty() throws RepositoryException, AccessDeniedException, NotExecutableException {
+    public void testGetEffectivePoliciesForProperty() throws RepositoryException, AccessDeniedException, NotExecutableException {
         String path = getPathToProperty();
         try {
-            acMgr.getEffectivePolicy(path);
+            acMgr.getEffectivePolicies(path);
             fail("AccessControlManager.getEffectivePolicy for property must throw PathNotFoundException.");
         } catch (PathNotFoundException e) {
             // ok
         }
     }
 
-    public void testGetPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
+    public void testGetPolicies() throws RepositoryException, AccessDeniedException, NotExecutableException {
         checkCanReadAc(path);
         // call must succeed without exception
-        AccessControlPolicy policy = acMgr.getPolicy(path);
-        if (policy != null) {
-            assertTrue("The name of an AccessControlPolicy must not be null.", policy.getName() != null);
-        } else {
-            // no policy present on that node.
+        AccessControlPolicy[] policies = acMgr.getPolicies(path);
+
+        assertNotNull("AccessControlManager.getPolicies must never return null.", policies);
+        for (int i = 0; i < policies.length; i++) {
+            if (policies[i] instanceof NamedAccessControlPolicy) {
+                assertNotNull("The name of an NamedAccessControlPolicy must not be null.", ((NamedAccessControlPolicy) policies[i]).getName());
+            } else if (policies[i] instanceof AccessControlList) {
+                assertNotNull("The entries of an AccessControlList must not be null.", ((AccessControlList) policies[i]).getAccessControlEntries());
+            }
         }
     }
 
@@ -143,12 +124,12 @@
         checkCanReadAc(path);
         // call must succeed without exception
         AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
-        Set names = new HashSet();
+        Set AccessControlList = new HashSet();
 
         while (it.hasNext()) {
             AccessControlPolicy policy = it.nextAccessControlPolicy();
-            if (!names.add(policy.getName())) {
-                fail("The names of the policies present should be unique among the choices presented for a specific node. Name " + policy.getName() + " occured multiple times.");
+            if (!AccessControlList.add(policy)) {
+                fail("The applicable policies present should be unique among the choices. Policy " + policy + " occured multiple times.");
             }
         }
     }
@@ -167,7 +148,7 @@
     public void testSetIllegalPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
         checkCanModifyAc(path);
         try {
-            acMgr.setPolicy(path, buildInvalidPolicy(path));
+            acMgr.setPolicy(path, new AccessControlPolicy() {});
             fail("SetPolicy with an unknown policy should throw AccessControlException.");
         } catch (AccessControlException e) {
             // success.
@@ -183,8 +164,14 @@
             AccessControlPolicy policy = it.nextAccessControlPolicy();
             acMgr.setPolicy(path, policy);
 
-            AccessControlPolicy p = acMgr.getPolicy(path);
-            assertEquals("GetPolicy must return the policy that has been set before.", policy, p);
+            AccessControlPolicy[] policies = acMgr.getPolicies(path);
+            for (int i = 0; i < policies.length; i++) {
+                if (policy.equals(policies[i])) {
+                    // ok
+                    return;
+                }
+            }
+            fail("GetPolicies must at least return the policy that has been set before.");
         } else {
             throw new NotExecutableException();
         }
@@ -193,18 +180,18 @@
     public void testSetPolicyIsTransient() throws RepositoryException, AccessDeniedException, NotExecutableException {
         checkCanModifyAc(path);
 
-        AccessControlPolicy current = acMgr.getPolicy(path);
+        List currentPolicies = Arrays.asList(acMgr.getPolicies(path));
         AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
         if (it.hasNext()) {
             AccessControlPolicy policy = it.nextAccessControlPolicy();
             acMgr.setPolicy(path, policy);
             superuser.refresh(false);
 
-            String mgs = "Reverting 'setPolicy' must change back the return value of getPolicy.";
-            if (current == null) {
-                assertEquals(mgs, acMgr.getPolicy(path), current);
+            String mgs = "Reverting 'setPolicy' must change back the return value of getPolicies.";
+            if (currentPolicies.isEmpty()) {
+                assertTrue(mgs, acMgr.getPolicies(path).length == 0);
             } else {
-                assertTrue(mgs, acMgr.getPolicy(path).equals(current));
+                assertEquals(mgs, currentPolicies, Arrays.asList(acMgr.getPolicies(path)));
             }
         } else {
             throw new NotExecutableException();
@@ -223,7 +210,7 @@
             superuser.save();
 
             // remember for tearDown
-            addedPolicies.add(path);
+            addedPolicies.put(path, policy);
         } else {
             throw new NotExecutableException();
         }
@@ -231,8 +218,9 @@
         Session s2 = null;
         try {
             s2 = helper.getSuperuserSession();
-            AccessControlPolicy p = getAccessControlManager(s2).getPolicy(path);
-            assertEquals("Policy must be visible to another superuser session.", policy, p);
+            List plcs = Arrays.asList(getAccessControlManager(s2).getPolicies(path));
+            // TODO: check again if policies can be compared with equals!
+            assertTrue("Policy must be visible to another superuser session.", plcs.contains(policy));
         } finally {
             if (s2 != null) {
                 s2.logout();
@@ -250,7 +238,7 @@
             acMgr.setPolicy(path, policy);
             superuser.save();
             // remember for tearDown
-            addedPolicies.add(path);
+            addedPolicies.put(path, policy);
         } else {
             throw new NotExecutableException();
         }
@@ -295,8 +283,14 @@
         if (it.hasNext()) {
             AccessControlPolicy policy = it.nextAccessControlPolicy();
             acMgr.setPolicy(path, policy);
-            AccessControlPolicy removed = acMgr.removePolicy(path);
-            assertEquals("RemovePolicy must return the policy that has been set before.", policy, removed);
+            acMgr.removePolicy(path, policy);
+
+            AccessControlPolicy[] plcs = acMgr.getPolicies(path);
+            for (int i = 0; i < plcs.length; i++) {
+                if (plcs[i].equals(policy)) {
+                    fail("RemovePolicy must remove the policy that has been set before.");
+                }
+            }
         } else {
             throw new NotExecutableException();
         }
@@ -306,8 +300,10 @@
         checkCanReadAc(path);
         checkCanModifyAc(path);
 
-        AccessControlPolicy current = acMgr.getPolicy(path);
-        if (acMgr.getPolicy(path) == null) {
+        AccessControlPolicy[] currentPolicies = acMgr.getPolicies(path);
+        int size = currentPolicies.length;
+        AccessControlPolicy toRemove;
+        if (size == 0) {
             // no policy to remove ->> apply one
             AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
             if (it.hasNext()) {
@@ -316,23 +312,26 @@
                 superuser.save();
 
                 // remember for teardown
-                addedPolicies.add(path);
+                addedPolicies.put(path, policy);
 
-                current = policy;
+                toRemove = policy;
+                currentPolicies = acMgr.getPolicies(path);
+                size = currentPolicies.length;
             } else {
                 throw new NotExecutableException();
             }
+        } else {
+            toRemove = currentPolicies[0];
         }
 
         // test transient behaviour of the removal
-        acMgr.removePolicy(path);
-        AccessControlPolicy p = acMgr.getPolicy(path);
-        assertTrue("After transient remove AccessControlManager.getPolicy must return null.", p == null);
+        acMgr.removePolicy(path, toRemove);
+
+        assertEquals("After transient remove AccessControlManager.getPolicies must return less policies.", size - 1, acMgr.getPolicies(path).length);
 
         // revert changes
         superuser.refresh(false);
-        p = acMgr.getPolicy(path);
-        assertEquals("Reverting a Policy removal must restore the original state.", p, current);
+        assertEquals("Reverting a Policy removal must restore the original state.", Arrays.asList(currentPolicies), Arrays.asList(acMgr.getPolicies(path)));
     }
 
     public void testNodeIsModifiedAfterRemovePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
@@ -340,7 +339,7 @@
         checkCanModifyAc(path);
 
         Item item = superuser.getItem(path);
-        if (acMgr.getPolicy(path) == null) {
+        if (acMgr.getPolicies(path).length == 0) {
             // no policy to remove ->> apply one
             AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
             if (it.hasNext()) {
@@ -349,15 +348,19 @@
                 superuser.save();
 
                 // remember for teardown
-                addedPolicies.add(path);
+                addedPolicies.put(path, policy);
             } else {
                 throw new NotExecutableException();
             }
         }
 
         // test transient behaviour of the removal
-        try {acMgr.removePolicy(path);
-            assertTrue("After removing a policy the node must be marked modified.", item.isModified());
+        try {
+            AccessControlPolicy[] plcs = acMgr.getPolicies(path);
+            if (plcs.length > 0) {
+                acMgr.removePolicy(path, plcs[0]);
+                assertTrue("After removing a policy the node must be marked modified.", item.isModified());
+            }
         } finally {
             item.refresh(false);
         }
@@ -371,7 +374,7 @@
             throw new NotExecutableException();
         }
 
-        assertNull("A new Node must not have an access control policy set.", acMgr.getPolicy(n.getPath()));
+        assertTrue("A new Node must not have an access control policy set.", acMgr.getPolicies(n.getPath()).length == 0);
     }
 
     public void testSetPolicyOnNewNode() throws NotExecutableException, RepositoryException, AccessDeniedException {
@@ -387,29 +390,25 @@
             AccessControlPolicy policy = it.nextAccessControlPolicy();
             acMgr.setPolicy(n.getPath(), policy);
 
-            AccessControlPolicy p = acMgr.getPolicy(n.getPath());
-            assertNotNull("After calling setPolicy the manager must return a non-null policy for the new Node.", p);
-            assertEquals("The name of applicable policy must be equal to the name of the set policy", policy.getName(), p.getName());
+            AccessControlPolicy[] plcs = acMgr.getPolicies(n.getPath());
+            assertNotNull("After calling setPolicy the manager must return a non-null policy array for the new Node.", plcs);
+            assertTrue("After calling setPolicy the manager must return a policy array with a length greater than zero for the new Node.", plcs.length > 0);
         }
     }
 
     public void testRemoveTransientlyAddedPolicy() throws RepositoryException, AccessDeniedException {
-        AccessControlPolicy ex = acMgr.getPolicy(path);
+        AccessControlPolicy[] ex = acMgr.getPolicies(path);
 
         AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
         while (it.hasNext()) {
             AccessControlPolicy policy = it.nextAccessControlPolicy();
             acMgr.setPolicy(path, policy);
-            acMgr.removePolicy(path);
+            acMgr.removePolicy(path, policy);
 
             String msg = "transiently added AND removing a policy must revert " +
                     "the changes made. " +
-                    "ACMgr.getPolicy must then return the original value.";
-            if (ex == null) {
-                assertNull(msg, acMgr.getPolicy(path));
-            } else {
-                assertEquals(msg, ex.getName(), acMgr.getPolicy(path).getName());
-            }
+                    "ACMgr.getPolicies must then return the original value.";
+            assertEquals(msg, Arrays.asList(ex), Arrays.asList(acMgr.getPolicies(path)));
         }
     }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java Wed Aug 27 08:12:04 2008
@@ -20,8 +20,8 @@
 
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
-import java.util.ArrayList;
 import java.util.List;
+import java.util.Arrays;
 
 /**
  * <code>RSessionAccessControlDiscoveryTest</code>: A read-only session must
@@ -49,16 +49,6 @@
         super.tearDown();
     }
 
-    private Privilege getPrivilege(String name) throws RepositoryException, NotExecutableException {
-        Privilege[] privileges = acMgr.getSupportedPrivileges(testPath);
-        for (int i = 0; i < privileges.length; i++) {
-            if (name.equals(privileges[i].getName())) {
-                return privileges[i];
-            }
-        }
-        throw new NotExecutableException();
-    }
-
     public void testGetSupportedPrivileges() throws RepositoryException {
         Privilege[] privileges = testAcMgr.getSupportedPrivileges(testPath);
         assertNotNull("getSupportedPrivileges must return a non-null value even for read-only session.", privileges);
@@ -66,23 +56,20 @@
     }
 
     public void testGetPrivileges() throws RepositoryException {
-        Privilege[] privs = testAcMgr.getPrivileges(testPath);
-        List names = new ArrayList(privs.length);
-        for (int i = 0; i < privs.length; i++) {
-            names.add(privs[i].getName());
-        }
+        List privs = Arrays.asList(testAcMgr.getPrivileges(testPath));
+        Privilege readPrivilege = testAcMgr.privilegeFromName(Privilege.JCR_READ);
         assertTrue("A read-only session must have READ access to the test node.",
-                names.contains(Privilege.READ));
+                privs.contains(readPrivilege));
     }
 
     public void testHasPrivileges() throws RepositoryException, NotExecutableException {
-        Privilege priv = getPrivilege(Privilege.READ);
+        Privilege priv = testAcMgr.privilegeFromName(Privilege.JCR_READ);
         assertTrue("Read-only session must have READ privilege on test node.",
                 testAcMgr.hasPrivileges(testPath, new Privilege[] {priv}));
     }
 
     public void testNotHasPrivileges() throws RepositoryException, NotExecutableException {
-        Privilege all = getPrivilege(Privilege.ALL);
+        Privilege all = testAcMgr.privilegeFromName(Privilege.JCR_ALL);
         assertFalse("Read-only session must not have ALL privilege",
                 testAcMgr.hasPrivileges(testPath, new Privilege[] {all}));
     }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java Wed Aug 27 08:12:04 2008
@@ -39,7 +39,7 @@
     protected void setUp() throws Exception {
         super.setUp();
 
-        // policy-option is cover the by the 'OPTION_SIMPLE_ACCESS_CONTROL_SUPPORTED' -> see super-class
+        // policy-option is cover the by the 'OPTION_ACCESS_CONTROL_SUPPORTED' -> see super-class
         
         Node n = testRootNode.addNode(nodeName1, testNodeType);
         superuser.save();
@@ -58,7 +58,7 @@
 
     public void testGetPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
         try {
-            testAcMgr.getPolicy(path);
+            testAcMgr.getPolicies(path);
             fail("read only session may not read AC content.");
         } catch (AccessDeniedException e) {
             // success
@@ -67,7 +67,7 @@
 
     public void testGetEffectivePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
         try {
-            testAcMgr.getEffectivePolicy(path);
+            testAcMgr.getEffectivePolicies(path);
             fail("read only session may not read AC content.");
         } catch (AccessDeniedException e) {
             // success
@@ -117,13 +117,4 @@
             // fine as well (privileges were apparently checked first)
         }
     }
-
-    public void testRemovePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
-        try {
-            testAcMgr.removePolicy(path);
-            fail("read only session may not remove a policy.");
-        } catch (AccessDeniedException e) {
-            // success.
-        }
-    }
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java Wed Aug 27 08:12:04 2008
@@ -41,11 +41,10 @@
         suite.addTestSuite(AccessControlDiscoveryTest.class);
         suite.addTestSuite(AccessControlPolicyTest.class);
          suite.addTestSuite(AccessControlPolicyIteratorTest.class);
-        suite.addTestSuite(AccessControlEntryTest.class);
+        suite.addTestSuite(AccessControlListTest.class);
 
         // tests with read only session:
         suite.addTestSuite(RSessionAccessControlDiscoveryTest.class);
-        suite.addTestSuite(RSessionAccessControlEntryTest.class);
         suite.addTestSuite(RSessionAccessControlPolicyTest.class);
 
         return suite;

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java Wed Aug 27 08:12:04 2008
@@ -20,12 +20,11 @@
 import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.test.AbstractJCRTest;
 import org.apache.jackrabbit.test.NotExecutableException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import java.security.Principal;
+import java.security.acl.Group;
 import java.util.Enumeration;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -36,10 +35,8 @@
  */
 public class PrincipalManagerTest extends AbstractJCRTest {
 
-    private static Logger log = LoggerFactory.getLogger(PrincipalManagerTest.class);
-
     private PrincipalManager principalMgr;
-    private Principal everyone;
+    private Group everyone;
 
     protected void setUp() throws Exception {
         super.setUp();
@@ -47,7 +44,7 @@
             throw new NotExecutableException();
         }
         principalMgr = ((JackrabbitSession) superuser).getPrincipalManager();
-        everyone = principalMgr.getEveryone();
+        everyone = (Group) principalMgr.getEveryone();
     }
 
     private static Principal[] getPrincipals(Session session) {
@@ -67,7 +64,6 @@
     }
 
     public void testSuperUserIsEveryOne() {
-        java.security.acl.Group everyone = (java.security.acl.Group) principalMgr.getEveryone();
         Principal[] pcpls = getPrincipals(superuser);
         for (int i = 0; i < pcpls.length; i++) {
             if (!(pcpls[i].equals(everyone))) {
@@ -77,7 +73,6 @@
     }
 
     public void testReadOnlyIsEveryOne() throws RepositoryException {
-        java.security.acl.Group everyone = (java.security.acl.Group) principalMgr.getEveryone();
         Principal[] pcpls = getPrincipals(helper.getReadOnlySession());
         for (int i = 0; i < pcpls.length; i++) {
             if (!(pcpls[i].equals(everyone))) {

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java Wed Aug 27 08:12:04 2008
@@ -24,8 +24,6 @@
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.apache.jackrabbit.util.Text;
 import org.apache.jackrabbit.uuid.UUID;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import javax.jcr.Credentials;
 import javax.jcr.RepositoryException;
@@ -45,8 +43,6 @@
  */
 public abstract class AbstractUserTest extends AbstractJCRTest {
 
-    private static Logger log = LoggerFactory.getLogger(AbstractUserTest.class);
-
     protected UserManager userMgr;
 
     protected void setUp() throws Exception {
@@ -113,16 +109,9 @@
     }
 
     protected User getTestUser(Session session) throws NotExecutableException, RepositoryException {
-        Set principals = getPrincipalSetFromSession(session);
-        for (Iterator it = principals.iterator(); it.hasNext();) {
-            try {
-                Authorizable auth = userMgr.getAuthorizable((Principal) it.next());
-                if (auth != null && !auth.isGroup()) {
-                    return (User) auth;
-                }
-            } catch (RepositoryException e) {
-                // ignore
-            }
+        Authorizable auth = getUserManager(session).getAuthorizable(session.getUserID());
+        if (auth != null && !auth.isGroup()) {
+            return (User) auth;
         }
         // should never happen. An Session should always have a corresponding User.
         throw new RepositoryException("Unable to retrieve a User.");
@@ -131,13 +120,9 @@
     protected Group getTestGroup(Session session) throws NotExecutableException, RepositoryException {
         Set principals = getPrincipalSetFromSession(session);
         for (Iterator it = principals.iterator(); it.hasNext();) {
-            try {
-                Authorizable auth = userMgr.getAuthorizable((Principal) it.next());
-                if (auth != null && auth.isGroup()) {
-                    return (Group) auth;
-                }
-            } catch (RepositoryException e) {
-                // ignore
+            Authorizable auth = getUserManager(session).getAuthorizable((Principal) it.next());
+            if (auth != null && auth.isGroup()) {
+                return (Group) auth;
             }
         }
         // may happen -> don't throw RepositoryException

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java Wed Aug 27 08:12:04 2008
@@ -17,8 +17,6 @@
 package org.apache.jackrabbit.api.security.user;
 
 import org.apache.jackrabbit.test.NotExecutableException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import javax.jcr.RepositoryException;
 import java.security.Principal;
@@ -30,9 +28,7 @@
  */
 public class UserManagerTest extends AbstractUserTest {
 
-    private static Logger log = LoggerFactory.getLogger(UserManagerTest.class);
-
-    // TODO: add generic tests for UserManager.findAuthorizable
+    // TODO: add generic tests for UserManager.findAuthorizables
     // TODO: test creating users/groups if root is locked OR checked-in.
 
     public void testGetAuthorizableByPrincipal() throws RepositoryException, NotExecutableException {

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,177 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.config;
+
+import org.apache.jackrabbit.core.DefaultSecurityManager;
+import org.apache.jackrabbit.core.security.DefaultAccessManager;
+import org.apache.jackrabbit.core.security.authentication.DefaultLoginModule;
+import org.apache.jackrabbit.core.security.simple.SimpleAccessManager;
+import org.apache.jackrabbit.core.security.simple.SimpleSecurityManager;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.IOException;
+import java.io.StringReader;
+import java.util.Properties;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Iterator;
+
+/** <code>SecurityConfigTest</code>... */
+public class SecurityConfigTest extends AbstractJCRTest {
+
+    private static Logger log = LoggerFactory.getLogger(SecurityConfigTest.class);
+
+    private RepositoryConfigurationParser parser;
+
+    protected void setUp() throws Exception {
+        super.setUp();
+        parser = new RepositoryConfigurationParser(new Properties());
+    }
+
+    protected void tearDown() throws Exception {
+        super.tearDown();
+    }
+
+    public void testConfig1() throws ConfigurationException {
+        Element xml = parseXML(new InputSource(new StringReader(CONFIG_1)), true);
+        SecurityConfig config = parser.parseSecurityConfig(xml);
+
+        assertNotNull(config.getAppName());
+        assertEquals("Jackrabbit", config.getAppName());
+
+        SecurityManagerConfig smc = config.getSecurityManagerConfig();
+        assertNotNull(smc);
+        assertTrue(smc.newInstance() instanceof SimpleSecurityManager);
+        assertNull(smc.getWorkspaceAccessConfig());
+        assertNull(smc.getWorkspaceName());
+
+        assertNotNull(config.getAccessManagerConfig());
+        assertTrue(config.getAccessManagerConfig().newInstance() instanceof SimpleAccessManager);
+
+        assertNull(config.getLoginModuleConfig());
+    }
+
+    public void testConfig2() throws ConfigurationException {
+        Element xml = parseXML(new InputSource(new StringReader(CONFIG_2)), true);
+        SecurityConfig config = parser.parseSecurityConfig(xml);
+
+        assertNotNull(config.getAppName());
+        assertEquals("Jackrabbit", config.getAppName());
+
+        SecurityManagerConfig smc = config.getSecurityManagerConfig();
+        assertNotNull(smc);
+        assertTrue(smc.newInstance() instanceof DefaultSecurityManager);
+        assertNull(smc.getWorkspaceAccessConfig());
+        assertEquals("security", smc.getWorkspaceName());
+
+        AccessManagerConfig amc = config.getAccessManagerConfig();
+        assertNotNull(amc);
+        assertTrue(amc.newInstance() instanceof DefaultAccessManager);
+
+        LoginModuleConfig lmc = config.getLoginModuleConfig();
+        assertNotNull(lmc);
+        assertTrue(lmc.getLoginModule() instanceof DefaultLoginModule);
+        Properties options = lmc.getParameters();
+        assertNotNull(options);
+        assertEquals("anonymous", options.getProperty("anonymousId"));
+        assertEquals("admin", options.getProperty("adminId"));
+        assertEquals("org.apache.jackrabbit.TestPrincipalProvider", options.getProperty("principalProvider"));
+    }
+
+    public void testInvalidConfig() {
+        List invalid = new ArrayList();
+        invalid.add(new InputSource(new StringReader(INVALID_CONFIG_1)));
+        invalid.add(new InputSource(new StringReader(INVALID_CONFIG_2)));
+        invalid.add(new InputSource(new StringReader(INVALID_CONFIG_3)));
+
+        for (Iterator it = invalid.iterator(); it.hasNext();) {
+            try {
+                Element xml = parseXML((InputSource) it.next(), false);
+                parser.parseSecurityConfig(xml);
+                fail("Invalid config -> should fail.");
+            } catch (ConfigurationException e) {
+                // ok
+            }
+        }
+    }
+
+    private static Element parseXML(InputSource xml, boolean validate) throws ConfigurationException {
+        try {
+            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+            factory.setValidating(validate);
+            DocumentBuilder builder = factory.newDocumentBuilder();
+            if (validate) {
+                builder.setErrorHandler(new ConfigurationErrorHandler());
+            }
+            builder.setEntityResolver(ConfigurationEntityResolver.INSTANCE);
+            Document document = builder.parse(xml);
+            return document.getDocumentElement();
+        } catch (ParserConfigurationException e) {
+            throw new ConfigurationException("Unable to create configuration XML parser", e);
+        } catch (SAXParseException e) {
+            throw new ConfigurationException("Configuration file syntax error. (Line: " + e.getLineNumber() + " Column: " + e.getColumnNumber() + ")", e);
+        } catch (SAXException e) {
+            throw new ConfigurationException("Configuration file syntax error. ", e);
+        } catch (IOException e) {
+            throw new ConfigurationException("Configuration file could not be read.", e);
+        }
+    }
+
+    private static final String CONFIG_1 =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.security.simple.SimpleSecurityManager\"></SecurityManager>" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
+            "    </Security>";
+
+    private static final String CONFIG_2 =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\" workspaceName=\"security\">" +
+            "        </SecurityManager>" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.DefaultAccessManager\">" +
+            "        </AccessManager>" +
+            "        <LoginModule class=\"org.apache.jackrabbit.core.security.authentication.DefaultLoginModule\">" +
+            "           <param name=\"anonymousId\" value=\"anonymous\"/>" +
+            "           <param name=\"adminId\" value=\"admin\"/>" +
+            "           <param name=\"principalProvider\" value=\"org.apache.jackrabbit.TestPrincipalProvider\"/>" +
+            "        </LoginModule>\n" +
+            "    </Security>";
+
+    private static final String INVALID_CONFIG_1 =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.security.simple.SimpleSecurityManager\"></SecurityManager>" +
+            "    </Security>";
+
+    private static final String INVALID_CONFIG_2 =
+            "    <Security>" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.security.simple.SimpleSecurityManager\"></SecurityManager>" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
+            "    </Security>";
+    private static final String INVALID_CONFIG_3 =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
+            "    </Security>";
+}
\ No newline at end of file

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision url

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java Wed Aug 27 08:12:04 2008
@@ -154,29 +154,6 @@
         assertTrue(acMgr.isGranted(id, AccessManager.WRITE | AccessManager.REMOVE));
     }
 
-/*
-// TODO: uncomment as soon as SimpleAccessManager is replaced
-    public void testIsGrantedForRemovedItem() throws RepositoryException, NotExecutableException {
-        AccessManager acMgr = getAccessManager(superuser);
-        Property p = testRootNode.setProperty(propertyName1, "anyvalue");
-        ItemId id;
-        if (p instanceof PropertyImpl) {
-            id = ((PropertyImpl)p).getId();
-        } else {
-            throw new NotExecutableException();
-        }
-
-        assertTrue(acMgr.isGranted(id, AccessManager.READ));
-        p.remove();
-        try {
-            acMgr.isGranted(id, AccessManager.READ);
-            fail("AccessManager.isGranted should throw ItemNotFoundException if id of a removed item is passed.");
-        } catch (ItemNotFoundException e) {
-            // ok
-        }
-    }
-*/
-
     public void testCanAccess() throws RepositoryException, NotExecutableException {
         Session s = helper.getReadOnlySession();
         String wspName = s.getWorkspace().getName();

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java Wed Aug 27 08:12:04 2008
@@ -28,7 +28,7 @@
      * @return a <code>Test</code> suite that executes all security test.
      */
     public static Test suite() {
-        TestSuite suite = new TestSuite("Security tests");
+        TestSuite suite = new TestSuite("core.security tests");
 
         suite.addTestSuite(AccessManagerTest.class);
 

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authentication;
+
+import org.apache.jackrabbit.api.jsr283.GuestCredentials;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+/** <code>GuestLoginTest</code>... */
+public class GuestLoginTest extends AbstractJCRTest {
+
+    private Session guest;
+
+    protected void setUp() throws Exception {
+        super.setUp();
+        guest = helper.getRepository().login(new GuestCredentials());
+    }
+
+    protected void tearDown() throws Exception {
+        if (guest != null) {
+            guest.logout();
+        }
+        super.tearDown();
+    }
+
+    /**
+     * Implementation specific test: userID must never be null.
+     *
+     * @throws RepositoryException
+     */
+    public void testUserID() throws RepositoryException {
+        assertNotNull(guest.getUserID());
+    }
+}
\ No newline at end of file

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision url

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authentication;
+
+import org.apache.jackrabbit.test.AbstractJCRTest;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+/** <code>NullLoginTest</code>... */
+public class NullLoginTest extends AbstractJCRTest {
+
+    protected void setUp() throws Exception {
+        super.setUp();
+    }
+
+    protected void tearDown() throws Exception {
+        super.tearDown();
+    }
+
+    public void testNullLogin() throws RepositoryException {
+        Session s = helper.getRepository().login();
+        Session s2 = helper.getRepository().login(null, null);
+
+        assertNotNull(s.getUserID());
+        assertEquals(s.getUserID(), s2.getUserID());
+        assertEquals(s.getWorkspace().getName(), s2.getWorkspace().getName());
+    }
+}
\ No newline at end of file

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision url

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authentication;
+
+import junit.framework.TestCase;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/** <code>TestAll</code>... */
+public class TestAll extends TestCase {
+
+    private static Logger log = LoggerFactory.getLogger(TestAll.class);
+
+    public static Test suite() {
+        TestSuite suite = new TestSuite("core.security.authentication tests");
+
+        suite.addTestSuite(GuestLoginTest.class);
+        suite.addTestSuite(NullLoginTest.class);
+
+        return suite;
+    }
+}
\ No newline at end of file

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision url



Mime
View raw message