jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r828791 [5/8] - in /jackrabbit/trunk: jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/ jackrabbi...
Date Thu, 22 Oct 2009 17:26:39 GMT
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/GroupTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/GroupTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/GroupTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/GroupTest.java Thu Oct 22 17:26:37 2009
@@ -29,7 +29,7 @@
  */
 public class GroupTest extends AbstractUserTest {
 
-    private static void assertTrueIsMember(Iterator members, Authorizable auth) throws RepositoryException {
+    private static void assertTrueIsMember(Iterator<Authorizable> members, Authorizable auth) throws RepositoryException {
         boolean contained = false;
         while (members.hasNext() && !contained) {
             Object next = members.next();
@@ -39,7 +39,7 @@
         assertTrue("The given set of members must contain '" + auth.getID() + "'", contained);
     }
 
-    private static void assertFalseIsMember(Iterator members, Authorizable auth) throws RepositoryException {
+    private static void assertFalseIsMember(Iterator<Authorizable> members, Authorizable auth) throws RepositoryException {
         boolean contained = false;
         while (members.hasNext() && !contained) {
             Object next = members.next();
@@ -49,7 +49,7 @@
         assertFalse("The given set of members must not contain '" + auth.getID() + "'", contained);
     }
 
-    private static void assertTrueMemberOfContainsGroup(Iterator groups, Group gr) throws RepositoryException {
+    private static void assertTrueMemberOfContainsGroup(Iterator<Group> groups, Group gr) throws RepositoryException {
         boolean contained = false;
         while (groups.hasNext() && !contained) {
             Object next = groups.next();
@@ -59,7 +59,7 @@
         assertTrue("All members of a group must contain that group upon 'memberOf'.", contained);
     }
 
-    private static void assertFalseMemberOfContainsGroup(Iterator groups, Group gr) throws RepositoryException {
+    private static void assertFalseMemberOfContainsGroup(Iterator<Group> groups, Group gr) throws RepositoryException {
         boolean contained = false;
         while (groups.hasNext() && !contained) {
             Object next = groups.next();
@@ -76,28 +76,28 @@
 
     public void testGetDeclaredMembers() throws NotExecutableException, RepositoryException {
         Group gr = getTestGroup(superuser);
-        Iterator it = gr.getDeclaredMembers();
+        Iterator<Authorizable> it = gr.getDeclaredMembers();
         assertNotNull(it);
         while (it.hasNext()) {
-            assertTrue(it.next() instanceof Authorizable);
+            assertTrue(it.next() != null);
         }
     }
 
     public void testGetMembers() throws NotExecutableException, RepositoryException {
         Group gr = getTestGroup(superuser);
-        Iterator it = gr.getMembers();
+        Iterator<Authorizable> it = gr.getMembers();
         assertNotNull(it);
         while (it.hasNext()) {
-            assertTrue(it.next() instanceof Authorizable);
+            assertTrue(it.next() != null);
         }
     }
 
     public void testGetMembersAgainstIsMember() throws NotExecutableException, RepositoryException {
         Group gr = getTestGroup(superuser);
 
-        Iterator it = gr.getMembers();
+        Iterator<Authorizable> it = gr.getMembers();
         while (it.hasNext()) {
-            Authorizable auth = (Authorizable) it.next();
+            Authorizable auth = it.next();
             assertTrue(gr.isMember(auth));
         }
     }
@@ -105,9 +105,9 @@
     public void testGetMembersAgainstMemberOf() throws NotExecutableException, RepositoryException {
         Group gr = getTestGroup(superuser);
 
-        Iterator it = gr.getMembers();
+        Iterator<Authorizable> it = gr.getMembers();
         while (it.hasNext()) {
-            Authorizable auth = (Authorizable) it.next();
+            Authorizable auth = it.next();
             assertTrueMemberOfContainsGroup(auth.memberOf(), gr);
         }
     }
@@ -115,9 +115,9 @@
     public void testGetDeclaredMembersAgainstDeclaredMemberOf() throws NotExecutableException, RepositoryException {
         Group gr = getTestGroup(superuser);
 
-        Iterator it = gr.getDeclaredMembers();
+        Iterator<Authorizable> it = gr.getDeclaredMembers();
         while (it.hasNext()) {
-            Authorizable auth = (Authorizable) it.next();
+            Authorizable auth = it.next();
             assertTrueMemberOfContainsGroup(auth.declaredMemberOf(), gr);
         }
     }
@@ -128,9 +128,9 @@
         for (Iterator<Authorizable> it = gr.getMembers(); it.hasNext();) {
             l.add(it.next().getID());
         }
-        for (Iterator it = gr.getDeclaredMembers(); it.hasNext();) {
+        for (Iterator<Authorizable> it = gr.getDeclaredMembers(); it.hasNext();) {
             assertTrue("All declared members must also be part of the Iterator " +
-                    "returned upon getMembers()",l.contains(((Authorizable) it.next()).getID()));
+                    "returned upon getMembers()",l.contains(it.next().getID()));
         }
     }
 
@@ -139,11 +139,14 @@
         Group newGroup = null;
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertFalse(newGroup.isMember(auth));
             assertFalse(newGroup.removeMember(auth));
+            save(superuser);
 
             assertTrue(newGroup.addMember(auth));
+            save(superuser);
             assertTrue(newGroup.isMember(auth));
             assertTrue(newGroup.isMember(userMgr.getAuthorizable(auth.getID())));
 
@@ -151,6 +154,7 @@
             if (newGroup != null) {
                 newGroup.removeMember(auth);
                 newGroup.remove();
+                save(superuser);
             }
         }
     }
@@ -162,37 +166,48 @@
         try {
             newGroup1 = userMgr.createGroup(getTestPrincipal());
             newGroup2 = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertFalse(newGroup1.isMember(auth));
             assertFalse(newGroup1.removeMember(auth));
+            save(superuser);
             assertFalse(newGroup2.isMember(auth));
             assertFalse(newGroup2.removeMember(auth));
+            save(superuser);
 
             assertTrue(newGroup1.addMember(auth));
+            save(superuser);
             assertTrue(newGroup1.isMember(auth));
             assertTrue(newGroup1.isMember(userMgr.getAuthorizable(auth.getID())));
 
             assertTrue(newGroup2.addMember(auth));
+            save(superuser);
             assertTrue(newGroup2.isMember(auth));
             assertTrue(newGroup2.isMember(userMgr.getAuthorizable(auth.getID())));
 
             assertTrue(newGroup1.removeMember(auth));
+            save(superuser);
             assertTrue(newGroup2.removeMember(auth));
+            save(superuser);
 
             assertTrue(newGroup1.addMember(auth));
+            save(superuser);
             assertTrue(newGroup1.isMember(auth));
             assertTrue(newGroup1.isMember(userMgr.getAuthorizable(auth.getID())));
             assertTrue(newGroup1.removeMember(auth));
+            save(superuser);
 
 
         } finally {
             if (newGroup1 != null) {
                 newGroup1.removeMember(auth);
                 newGroup1.remove();
+                save(superuser);
             }
             if (newGroup2 != null) {
                 newGroup2.removeMember(auth);
                 newGroup2.remove();
+                save(superuser);
             }
         }
     }
@@ -202,15 +217,19 @@
         Group newGroup = null;
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertTrue(newGroup.addMember(auth));
+            save(superuser);
             assertFalse(newGroup.addMember(auth));
+            save(superuser);
             assertTrue(newGroup.isMember(auth));
 
         } finally {
             if (newGroup != null) {
                 newGroup.removeMember(auth);
                 newGroup.remove();
+                save(superuser);
             }
         }
     }
@@ -220,15 +239,19 @@
         Group newGroup = null;
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertFalseMemberOfContainsGroup(auth.memberOf(), newGroup);
             assertTrue(newGroup.addMember(auth));
+            save(superuser);
+
             assertTrueMemberOfContainsGroup(auth.declaredMemberOf(), newGroup);
             assertTrueMemberOfContainsGroup(auth.memberOf(), newGroup);
         } finally {
             if (newGroup != null) {
                 newGroup.removeMember(auth);
                 newGroup.remove();
+                save(superuser);
             }
         }
     }
@@ -238,16 +261,20 @@
         Group newGroup = null;
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertFalseIsMember(newGroup.getMembers(), auth);
             assertFalseIsMember(newGroup.getDeclaredMembers(), auth);
             assertTrue(newGroup.addMember(auth));
+            save(superuser);
+
             assertTrueIsMember(newGroup.getMembers(), auth);
             assertTrueIsMember(newGroup.getDeclaredMembers(), auth);
         } finally {
             if (newGroup != null) {
                 newGroup.removeMember(auth);
                 newGroup.remove();
+                save(superuser);
             }
         }
     }
@@ -259,11 +286,14 @@
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
             newGroup2 = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             newGroup.addMember(newGroup2);
+            save(superuser);
             assertTrue(newGroup.isMember(newGroup2));
 
             newGroup2.addMember(auth);
+            save(superuser);
 
             // testuser must not be declared member of 'newGroup'
             assertFalseIsMember(newGroup.getDeclaredMembers(), auth);
@@ -275,14 +305,17 @@
 
             // testuser cannot be removed from 'newGroup'
             assertFalse(newGroup.removeMember(auth));
+            save(superuser);
         } finally {
             if (newGroup != null) {
                 newGroup.removeMember(newGroup2);
                 newGroup.remove();
+                save(superuser);
             }
             if (newGroup2 != null) {
                 newGroup2.removeMember(auth);
                 newGroup2.remove();
+                save(superuser);
             }
         }
     }
@@ -292,27 +325,36 @@
         Group newGroup = null;
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertTrue(newGroup.addMember(auth));
+            save(superuser);
             assertTrue(newGroup.removeMember(userMgr.getAuthorizable(auth.getID())));
+            save(superuser);
             assertFalse(newGroup.removeMember(auth));
+            save(superuser);
         } finally {
             if (newGroup != null) {
                 newGroup.remove();
+                save(superuser);
             }
         }
     }
 
-    public void testAddItselfAsMember() throws RepositoryException {
+    public void testAddItselfAsMember() throws RepositoryException, NotExecutableException {
         Group newGroup = null;
         try {
             newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
 
             assertFalse(newGroup.addMember(newGroup));
+            save(superuser);
             newGroup.removeMember(newGroup);
+            save(superuser);
         } finally {
             if (newGroup != null) {
                 newGroup.remove();
+                save(superuser);
             }
         }
     }
@@ -330,16 +372,18 @@
 
         try {
             Group newGroup = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
             newGroupId = newGroup.getID();
 
             assertTrue(newGroup.addMember(auth));
             newGroup.remove();
-
+            save(superuser);
         } finally {
             Group gr = (Group) userMgr.getAuthorizable(newGroupId);
             if (gr != null) {
                 gr.removeMember(auth);
                 gr.remove();
+                save(superuser);
             }
         }
     }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/ImpersonationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/ImpersonationTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/ImpersonationTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/ImpersonationTest.java Thu Oct 22 17:26:37 2009
@@ -38,18 +38,22 @@
     private User newUser;
     private Impersonation impersonation;
 
+    @Override
     protected void setUp() throws Exception {
         super.setUp();
 
         Principal test = getTestPrincipal();
         String pw = buildPassword(test);
-        Credentials creds = buildCredentials(test.getName(), pw);
         newUser = userMgr.createUser(test.getName(), pw);
+        save(superuser);
+        
         impersonation = newUser.getImpersonation();
     }
 
+    @Override
     protected void tearDown() throws Exception {
         newUser.remove();
+        save(superuser);
         super.tearDown();
     }
 
@@ -59,12 +63,13 @@
         assertFalse("An unknown principal should not be allowed to impersonate.", impersonation.allows(subject));
     }
 
-    public void testGrantImpersonationUnknownUser() throws RepositoryException {
+    public void testGrantImpersonationUnknownUser() throws RepositoryException, NotExecutableException {
         Principal test = getTestPrincipal();
         try {
             assertFalse("Granting impersonation to an unknown principal should not be successful.", impersonation.grantImpersonation(test));
         }  finally {
             impersonation.revokeImpersonation(test);
+            save(superuser);
         }
     }
 
@@ -87,32 +92,37 @@
                 assertFalse("Granting impersonation to a Group should not be successful.", impersonation.grantImpersonation(group));
             }  finally {
                 impersonation.revokeImpersonation(group);
+                save(superuser);
             }
         } finally {
             s.logout();
         }
     }
 
-    public void testGrantImpersonation() throws RepositoryException {
+    public void testGrantImpersonation() throws RepositoryException, NotExecutableException {
         User u = null;
         Principal test = getTestPrincipal();
         try {
             u = userMgr.createUser(test.getName(), buildPassword(test));
+            save(superuser);
             assertTrue("Admin should be allowed to edit impersonation and grant to another test-user.", impersonation.grantImpersonation(test));
         }  finally {
             impersonation.revokeImpersonation(test);
             if (u != null) {
                 u.remove();
             }
+            save(superuser);
         }
     }
 
-    public void testGrantImpersonationTwice() throws RepositoryException {
+    public void testGrantImpersonationTwice() throws RepositoryException, NotExecutableException {
         Principal test = getTestPrincipal();
         User u = null;
         try {
             u = userMgr.createUser(test.getName(), buildPassword(test));
+            save(superuser);
             impersonation.grantImpersonation(test);
+            save(superuser);
             // try again
             assertFalse("Granting impersonation twice should not succeed.", impersonation.grantImpersonation(test));
         }  finally {
@@ -120,15 +130,18 @@
             if (u != null) {
                 u.remove();
             }
+            save(superuser);
         }
     }
 
-    public void testRevokeImpersonation() throws RepositoryException {
+    public void testRevokeImpersonation() throws RepositoryException, NotExecutableException {
         User u = null;
         Principal test = getTestPrincipal();
         try {
             u = userMgr.createUser(test.getName(), buildPassword(test));
+            save(superuser);
             impersonation.grantImpersonation(test);
+            save(superuser);
 
             assertTrue(impersonation.revokeImpersonation(test));
         }  finally {
@@ -138,13 +151,16 @@
         }
     }
 
-    public void testRevokeImpersonationTwice() throws RepositoryException {
+    public void testRevokeImpersonationTwice() throws RepositoryException, NotExecutableException {
         User u = null;
         Principal test = getTestPrincipal();
         try {
             u = userMgr.createUser(test.getName(), buildPassword(test));
+            save(superuser);
             impersonation.grantImpersonation(test);
+            save(superuser);
             impersonation.revokeImpersonation(test);
+            save(superuser);
             // try again
             assertFalse("Revoking impersonation twice should not succeed.", impersonation.revokeImpersonation(test));
         }  finally {
@@ -199,8 +215,7 @@
     }
 
     private Subject createSubject(Principal p) throws RepositoryException {
-        Set creds = Collections.singleton(buildCredentials(p.getName(), buildPassword(p)));
-        Subject subject = new Subject(true, Collections.singleton(p), creds, creds);
-        return subject;
+        Set<Credentials> creds = Collections.singleton(buildCredentials(p.getName(), buildPassword(p)));
+        return new Subject(true, Collections.singleton(p), creds, creds);
     }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/NestedGroupTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/NestedGroupTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/NestedGroupTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/NestedGroupTest.java Thu Oct 22 17:26:37 2009
@@ -24,6 +24,7 @@
 import org.slf4j.LoggerFactory;
 
 import javax.jcr.RepositoryException;
+import java.security.Principal;
 
 /**
  * <code>NestedGroupTest</code>...
@@ -32,34 +33,59 @@
 
     private static Logger log = LoggerFactory.getLogger(NestedGroupTest.class);
 
+    @Override
     protected void setUp() throws Exception {
         super.setUp();
     }
 
+    @Override
     protected void tearDown() throws Exception {
         super.tearDown();
     }
 
+    private Group createGroup(Principal p) throws RepositoryException, NotExecutableException {
+        Group gr = userMgr.createGroup(p);
+        save(superuser);
+        return gr;
+    }
+
+    private void removeGroup(Group gr) throws RepositoryException, NotExecutableException {
+        gr.remove();
+        save(superuser);
+    }
+
+    private boolean addMember(Group gr, Authorizable member) throws RepositoryException, NotExecutableException {
+        boolean added = gr.addMember(member);
+        save(superuser);
+        return added;
+    }
+
+    private boolean removeMember(Group gr, Authorizable member) throws RepositoryException, NotExecutableException {
+        boolean removed = gr.removeMember(member);
+        save(superuser);
+        return removed;
+    }
+
     public void testAddGroupAsMember() throws NotExecutableException, RepositoryException {
         Group gr1 = null;
         Group gr2 = null;
 
         try {
-            gr1 = userMgr.createGroup(getTestPrincipal());
-            gr2 = userMgr.createGroup(getTestPrincipal());
+            gr1 = createGroup(getTestPrincipal());
+            gr2 = createGroup(getTestPrincipal());
 
             assertFalse(gr1.isMember(gr2));
 
-            assertTrue(gr1.addMember(gr2));
+            assertTrue(addMember(gr1, gr2));
             assertTrue(gr1.isMember(gr2));
 
         } finally {
             if (gr1 != null) {
-                gr1.removeMember(gr2);
-                gr1.remove();
+                removeMember(gr1, gr2);
+                removeGroup(gr1);
             }
             if (gr2 != null) {
-                gr2.remove();
+                removeGroup(gr2);
             }
         }
     }
@@ -69,50 +95,50 @@
         Group gr2 = null;
 
         try {
-            gr1 = userMgr.createGroup(getTestPrincipal());
-            gr2 = userMgr.createGroup(getTestPrincipal());
+            gr1 = createGroup(getTestPrincipal());
+            gr2 = createGroup(getTestPrincipal());
 
-            assertTrue(gr1.addMember(gr2));
-            assertFalse(gr2.addMember(gr1));
+            assertTrue(addMember(gr1, gr2));
+            assertFalse(addMember(gr2, gr1));
 
         } finally {
             if (gr1 != null && gr1.isMember(gr2)) {
-                gr1.removeMember(gr2);
+                removeMember(gr1, gr2);
             }
             if (gr2 != null && gr2.isMember(gr1)) {
-                gr2.removeMember(gr1);
+                removeMember(gr2, gr1);
             }
-            if (gr1 != null) gr1.remove();
-            if (gr2 != null) gr2.remove();
+            if (gr1 != null) removeGroup(gr1);
+            if (gr2 != null) removeGroup(gr2);
         }
     }
 
-    public void testCyclicMembers2() throws RepositoryException {
+    public void testCyclicMembers2() throws RepositoryException, NotExecutableException {
         Group gr1 = null;
         Group gr2 = null;
         Group gr3 = null;
         try {
-            gr1 = userMgr.createGroup(getTestPrincipal());
-            gr2 = userMgr.createGroup(getTestPrincipal());
-            gr3 = userMgr.createGroup(getTestPrincipal());
-
-            assertTrue(gr1.addMember(gr2));
-            assertTrue(gr2.addMember(gr3));
-            assertFalse(gr3.addMember(gr1));
+            gr1 = createGroup(getTestPrincipal());
+            gr2 = createGroup(getTestPrincipal());
+            gr3 = createGroup(getTestPrincipal());
+
+            assertTrue(addMember(gr1, gr2));
+            assertTrue(addMember(gr2, gr3));
+            assertFalse(addMember(gr3, gr1));
 
         } finally {
             if (gr1 != null) {
-                gr1.removeMember(gr2);
+                removeMember(gr1, gr2);
             }
             if (gr2 != null) {
-                gr2.removeMember(gr3);
-                gr2.remove();
+                removeMember(gr2, gr3);
+                removeGroup(gr2);
             }
             if (gr3 != null) {
-                gr3.removeMember(gr1);
-                gr3.remove();
+                removeMember(gr3, gr1);
+                removeGroup(gr3);
             }
-            if (gr1 != null) gr1.remove();
+            if (gr1 != null) removeGroup(gr1);
 
         }
     }
@@ -127,12 +153,12 @@
         }
 
         try {
-            gr1 = userMgr.createGroup(getTestPrincipal());
-            gr2 = userMgr.createGroup(getTestPrincipal());
-            gr3 = userMgr.createGroup(getTestPrincipal());
+            gr1 = createGroup(getTestPrincipal());
+            gr2 = createGroup(getTestPrincipal());
+            gr3 = createGroup(getTestPrincipal());
 
-            assertTrue(gr1.addMember(gr2));
-            assertTrue(gr2.addMember(gr3));
+            assertTrue(addMember(gr1, gr2));
+            assertTrue(addMember(gr2, gr3));
 
             // NOTE: don't test with Group.isMember for not required to detect
             // inherited membership -> rather with PrincipalManager.
@@ -146,14 +172,14 @@
 
         } finally {
             if (gr1 != null && gr1.isMember(gr2)) {
-                gr1.removeMember(gr2);
+                removeMember(gr1, gr2);
             }
             if (gr2 != null && gr2.isMember(gr3)) {
-                gr2.removeMember(gr3);
+                removeMember(gr2, gr3);
             }
-            if (gr1 != null) gr1.remove();
-            if (gr2 != null) gr2.remove();
-            if (gr3 != null) gr3.remove();
+            if (gr1 != null) removeGroup(gr1);
+            if (gr2 != null) removeGroup(gr2);
+            if (gr3 != null) removeGroup(gr3);
         }
     }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateGroupTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateGroupTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateGroupTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateGroupTest.java Thu Oct 22 17:26:37 2009
@@ -18,11 +18,11 @@
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.apache.jackrabbit.test.NotExecutableException;
 
 import javax.jcr.RepositoryException;
 import java.security.Principal;
 import java.util.ArrayList;
-import java.util.Iterator;
 import java.util.List;
 
 /**
@@ -32,25 +32,38 @@
 
     private static Logger log = LoggerFactory.getLogger(UserManagerCreateGroupTest.class);
 
-    private List createdGroups = new ArrayList();
+    private List<Authorizable> createdGroups = new ArrayList();
 
+    @Override
     protected void tearDown() throws Exception {
         // remove all created groups again
-        for (Iterator it = createdGroups.iterator(); it.hasNext();) {
-            Authorizable gr = (Authorizable) it.next();
+        for (Authorizable createdGroup : createdGroups) {
             try {
-                gr.remove();
+                createdGroup.remove();
+                superuser.save();
             } catch (RepositoryException e) {
-                log.error("Failed to remove Group " + gr.getID() + " during tearDown.");
+                log.error("Failed to remove Group " + createdGroup.getID() + " during tearDown.");
             }
         }
 
         super.tearDown();
     }
 
-    public void testCreateGroup() throws RepositoryException {
-        Principal p = getTestPrincipal();
+    private Group createGroup(Principal p) throws RepositoryException, NotExecutableException {
         Group gr = userMgr.createGroup(p);
+        save(superuser);
+        return gr;
+    }
+
+    private Group createGroup(Principal p, String iPath) throws RepositoryException, NotExecutableException {
+        Group gr = userMgr.createGroup(p, iPath);
+        save(superuser);
+        return gr;
+    }
+
+    public void testCreateGroup() throws RepositoryException, NotExecutableException {
+        Principal p = getTestPrincipal();
+        Group gr = createGroup(p);
         createdGroups.add(gr);
 
         assertNotNull(gr.getID());
@@ -58,9 +71,9 @@
         assertFalse("A new group must not have members.",gr.getMembers().hasNext());
     }
 
-    public void testCreateGroupWithPath() throws RepositoryException {
+    public void testCreateGroupWithPath() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
-        Group gr = userMgr.createGroup(p, "/any/path/to/the/new/group");
+        Group gr = createGroup(p, "/any/path/to/the/new/group");
         createdGroups.add(gr);
 
         assertNotNull(gr.getID());
@@ -70,7 +83,7 @@
 
     public void testCreateGroupWithNullPrincipal() throws RepositoryException {
         try {
-            Group gr = userMgr.createGroup(null);
+            Group gr = createGroup(null);
             createdGroups.add(gr);
 
             fail("A Group cannot be built from 'null' Principal");
@@ -79,7 +92,7 @@
         }
 
         try {
-            Group gr = userMgr.createGroup(null, "/any/path/to/the/new/group");
+            Group gr = createGroup(null, "/any/path/to/the/new/group");
             createdGroups.add(gr);
 
             fail("A Group cannot be built from 'null' Principal");
@@ -88,17 +101,46 @@
         }
     }
 
-    public void testCreateDuplicateGroup() throws RepositoryException {
+    public void testCreateDuplicateGroup() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
-        Group gr = userMgr.createGroup(p);
+        Group gr = createGroup(p);
         createdGroups.add(gr);
 
         try {
-            Group gr2 = userMgr.createGroup(p);
+            Group gr2 = createGroup(p);
             createdGroups.add(gr2);
             fail("Creating 2 groups with the same Principal should throw AuthorizableExistsException.");
         } catch (AuthorizableExistsException e) {
             // success.
         }
     }
+
+    public void testAutoSave() throws RepositoryException {
+        boolean autosave = userMgr.isAutoSave();
+        if (autosave) {
+            try {
+                userMgr.autoSave(false);
+                autosave = false;
+            } catch (RepositoryException e) {
+                // cannot change autosave behavior
+                // ignore -> test will behave differently.
+            }
+        }
+
+        Principal p = getTestPrincipal();
+        Group gr = userMgr.createGroup(p);
+        String id = gr.getID();
+        superuser.refresh(false);
+
+        if (!autosave) {
+            // transient changes must be gone after the refresh-call.
+            assertNull(userMgr.getAuthorizable(id));
+            assertNull(userMgr.getAuthorizable(p));
+        } else {
+            // no transient changes as autosave could not be disabled.
+            createdGroups.add(gr);            
+            assertNotNull(userMgr.getAuthorizable(id));
+            assertNotNull(userMgr.getAuthorizable(p));
+        }
+    }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateUserTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateUserTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateUserTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerCreateUserTest.java Thu Oct 22 17:26:37 2009
@@ -18,11 +18,11 @@
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.apache.jackrabbit.test.NotExecutableException;
 
 import javax.jcr.RepositoryException;
 import java.security.Principal;
 import java.util.ArrayList;
-import java.util.Iterator;
 import java.util.List;
 
 /**
@@ -32,55 +32,69 @@
 
     private static Logger log = LoggerFactory.getLogger(UserManagerCreateUserTest.class);
 
-    private List createdUsers = new ArrayList();
+    private List<Authorizable> createdUsers = new ArrayList();
 
+    @Override
     protected void tearDown() throws Exception {
         // remove all created groups again
-        for (Iterator it = createdUsers.iterator(); it.hasNext();) {
-            Authorizable auth = (Authorizable) it.next();
+        for (Object createdUser : createdUsers) {
+            Authorizable auth = (Authorizable) createdUser;
             try {
                 auth.remove();
+                superuser.save();
             } catch (RepositoryException e) {
-                log.error("Failed to remove User " + auth.getID() + " during tearDown.");
+                log.warn("Failed to remove User " + auth.getID() + " during tearDown.");
             }
         }
         super.tearDown();
     }
 
-    public void testCreateUser() throws RepositoryException {
+    private User createUser(String uid, String pw) throws RepositoryException, NotExecutableException {
+        User u = userMgr.createUser(uid, pw);
+        save(superuser);
+        return u;
+    }
+
+    private User createUser(String uid, String pw, Principal p, String iPath) throws RepositoryException, NotExecutableException {
+        User u = userMgr.createUser(uid, pw, p, iPath);
+        save(superuser);
+        return u;
+    }
+
+    public void testCreateUser() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = p.getName();
-        User user = userMgr.createUser(uid, buildPassword(uid, false));
+        User user = createUser(uid, buildPassword(uid, false));
         createdUsers.add(user);
 
         assertNotNull(user.getID());
         assertEquals(p.getName(), user.getPrincipal().getName());
     }
 
-    public void testCreateUserWithPath() throws RepositoryException {
+    public void testCreateUserWithPath() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = p.getName();
-        User user = userMgr.createUser(uid, buildPassword(uid, true), p, "/any/path/to/the/new/user");
+        User user = createUser(uid, buildPassword(uid, true), p, "/any/path/to/the/new/user");
         createdUsers.add(user);
 
         assertNotNull(user.getID());
         assertEquals(p.getName(), user.getPrincipal().getName());
     }
 
-    public void testCreateUserWithPath2() throws RepositoryException {
+    public void testCreateUserWithPath2() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = p.getName();
-        User user = userMgr.createUser(uid, buildPassword(uid, true), p, "any/path");
+        User user = createUser(uid, buildPassword(uid, true), p, "any/path");
         createdUsers.add(user);
 
         assertNotNull(user.getID());
         assertEquals(p.getName(), user.getPrincipal().getName());
     }
 
-    public void testCreateUserWithDifferentPrincipalName() throws RepositoryException {
+    public void testCreateUserWithDifferentPrincipalName() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = getTestPrincipal().getName();
-        User user = userMgr.createUser(uid, buildPassword(uid, true), p, "/any/path/to/the/new/user");
+        User user = createUser(uid, buildPassword(uid, true), p, "/any/path/to/the/new/user");
         createdUsers.add(user);
 
         assertNotNull(user.getID());
@@ -89,7 +103,7 @@
 
     public void testCreateUserWithNullParamerters() throws RepositoryException {
         try {
-            User user = userMgr.createUser(null, null);
+            User user = createUser(null, null);
             createdUsers.add(user);
 
             fail("A User cannot be built from 'null' parameters");
@@ -98,7 +112,7 @@
         }
 
         try {
-            User user = userMgr.createUser(null, null, null, null);
+            User user = createUser(null, null, null, null);
             createdUsers.add(user);
 
             fail("A User cannot be built from 'null' parameters");
@@ -109,7 +123,7 @@
 
     public void testCreateUserWithNullUserID() throws RepositoryException {
         try {
-            User user = userMgr.createUser(null, "anyPW");
+            User user = createUser(null, "anyPW");
             createdUsers.add(user);
 
             fail("A User cannot be built with 'null' userID");
@@ -120,7 +134,7 @@
 
     public void testCreateUserWithEmptyUserID() throws RepositoryException {
         try {
-            User user = userMgr.createUser("", "anyPW");
+            User user = createUser("", "anyPW");
             createdUsers.add(user);
 
             fail("A User cannot be built with \"\" userID");
@@ -128,7 +142,7 @@
             // ok
         }
         try {
-            User user = userMgr.createUser("", "anyPW", getTestPrincipal(), null);
+            User user = createUser("", "anyPW", getTestPrincipal(), null);
             createdUsers.add(user);
 
             fail("A User cannot be built with \"\" userID");
@@ -140,7 +154,7 @@
     public void testCreateUserWithNullPassword() throws RepositoryException {
         try {
             Principal p = getTestPrincipal();
-            User user = userMgr.createUser(p.getName(), null);
+            User user = createUser(p.getName(), null);
             createdUsers.add(user);
 
             fail("A User cannot be built with 'null' password");
@@ -149,9 +163,9 @@
         }
     }
 
-    public void testCreateUserWithEmptyPassword() throws RepositoryException {
+    public void testCreateUserWithEmptyPassword() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
-        User user = userMgr.createUser(p.getName(), "");
+        User user = createUser(p.getName(), "");
         createdUsers.add(user);
     }
 
@@ -159,7 +173,7 @@
         try {
             Principal p = getTestPrincipal();
             String uid = p.getName();
-            User user = userMgr.createUser(uid, buildPassword(uid, true), null, "/a/b/c");
+            User user = createUser(uid, buildPassword(uid, true), null, "/a/b/c");
             createdUsers.add(user);
 
             fail("A User cannot be built with 'null' Principal");
@@ -172,7 +186,7 @@
         try {
             Principal p = getTestPrincipal("");
             String uid = p.getName();
-            User user = userMgr.createUser(uid, buildPassword(uid, true), p, "/a/b/c");
+            User user = createUser(uid, buildPassword(uid, true), p, "/a/b/c");
             createdUsers.add(user);
 
             fail("A User cannot be built with ''-named Principal");
@@ -182,7 +196,7 @@
         try {
             Principal p = getTestPrincipal(null);
             String uid = p.getName();
-            User user = userMgr.createUser(uid, buildPassword(uid, true), p, "/a/b/c");
+            User user = createUser(uid, buildPassword(uid, true), p, "/a/b/c");
             createdUsers.add(user);
 
             fail("A User cannot be built with ''-named Principal");
@@ -191,13 +205,13 @@
         }
     }
 
-    public void testCreateTwiceWithSameUserID() throws RepositoryException {
+    public void testCreateTwiceWithSameUserID() throws RepositoryException, NotExecutableException {
         String uid = getTestPrincipal().getName();
-        User user = userMgr.createUser(uid, buildPassword(uid, false));
+        User user = createUser(uid, buildPassword(uid, false));
         createdUsers.add(user);
 
         try {
-            User user2 = userMgr.createUser(uid, buildPassword("anyPW", true));
+            User user2 = createUser(uid, buildPassword("anyPW", true));
             createdUsers.add(user2);
 
             fail("Creating 2 users with the same UserID should throw AuthorizableExistsException.");
@@ -206,15 +220,15 @@
         }
     }
 
-    public void testCreateTwiceWithSamePrincipal() throws RepositoryException {
+    public void testCreateTwiceWithSamePrincipal() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = p.getName();
-        User user = userMgr.createUser(uid, buildPassword(uid, true), p, "a/b/c");
+        User user = createUser(uid, buildPassword(uid, true), p, "a/b/c");
         createdUsers.add(user);
 
         try {
             uid = getTestPrincipal().getName();
-            User user2 = userMgr.createUser(uid, buildPassword(uid, false), p, null);
+            User user2 = createUser(uid, buildPassword(uid, false), p, null);
             createdUsers.add(user2);
 
             fail("Creating 2 users with the same Principal should throw AuthorizableExistsException.");
@@ -223,14 +237,45 @@
         }
     }
 
-    public void testGetUserAfterCreation() throws RepositoryException {
+    public void testGetUserAfterCreation() throws RepositoryException, NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = p.getName();
 
-        User user = userMgr.createUser(uid, buildPassword(uid, false));
+        User user = createUser(uid, buildPassword(uid, false));
         createdUsers.add(user);
 
         assertNotNull(userMgr.getAuthorizable(user.getID()));
         assertNotNull(userMgr.getAuthorizable(p));
     }
+
+
+    public void testAutoSave() throws RepositoryException {
+        boolean autosave = userMgr.isAutoSave();
+        if (autosave) {
+            try {
+                userMgr.autoSave(false);
+                autosave = false;
+            } catch (RepositoryException e) {
+                // cannot change autosave behavior
+                // ignore -> test will behave differently.
+            }
+        }
+
+        Principal p = getTestPrincipal();
+        String uid = p.getName();
+
+        User user = userMgr.createUser(uid, buildPassword(uid, false));
+        superuser.refresh(false);
+
+        if (!autosave) {
+            // transient changes must be gone after the refresh-call.
+            assertNull(userMgr.getAuthorizable(uid));
+            assertNull(userMgr.getAuthorizable(p));
+        } else {
+            // changes are persisted automatically -> must not be gone.
+            createdUsers.add(user);
+            assertNotNull(userMgr.getAuthorizable(uid));
+            assertNotNull(userMgr.getAuthorizable(p));
+        }
+    }
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java Thu Oct 22 17:26:37 2009
@@ -33,9 +33,9 @@
 
     public void testGetAuthorizableByPrincipal() throws RepositoryException, NotExecutableException {
         Authorizable auth = null;
-        Set principals = getPrincipalSetFromSession(superuser);
-        for (Iterator it = principals.iterator(); it.hasNext() && auth == null;) {
-            Principal p = (Principal) it.next();
+        Set<Principal> principals = getPrincipalSetFromSession(superuser);
+        for (Iterator<Principal> it = principals.iterator(); it.hasNext() && auth == null;) {
+            Principal p = it.next();
             auth = userMgr.getAuthorizable(p);
         }
         assertNotNull("At least one of the Sessions principal must be a known authorizable to the UserManager", auth);
@@ -43,9 +43,8 @@
 
     public void testGetAuthorizableById() throws RepositoryException, NotExecutableException {
         Authorizable auth = null;
-        Set principals = getPrincipalSetFromSession(superuser);
-        for (Iterator it = principals.iterator(); it.hasNext();) {
-            Principal p = (Principal) it.next();
+        for (Principal principal : getPrincipalSetFromSession(superuser)) {
+            Principal p = principal;
             auth = userMgr.getAuthorizable(p);
 
             if (auth != null) {

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java Thu Oct 22 17:26:37 2009
@@ -69,11 +69,14 @@
         User user = getTestUser(superuser);
         try {
             user.changePassword("pw");
+            save(superuser);
+            
             // make sure the user can login with the new pw
             Session s = getHelper().getRepository().login(new SimpleCredentials(user.getID(), "pw".toCharArray()));
             s.logout();
         } finally {
             user.changePassword(oldPw);
+            save(superuser);
         }
     }
 
@@ -87,6 +90,7 @@
         User user = getTestUser(superuser);
         try {
             user.changePassword("pw");
+            save(superuser);
 
             Session s = getHelper().getRepository().login(new SimpleCredentials(user.getID(), oldPw.toCharArray()));
             s.logout();
@@ -95,6 +99,7 @@
             // success
         } finally {
             user.changePassword(oldPw);
+            save(superuser);
         }
     }
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/NodeImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/NodeImplTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/NodeImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/NodeImplTest.java Thu Oct 22 17:26:37 2009
@@ -37,7 +37,6 @@
 import javax.jcr.security.Privilege;
 import java.security.Principal;
 import java.security.acl.Group;
-import java.util.Iterator;
 import java.util.Calendar;
 
 /** <code>NodeImplTest</code>... */
@@ -66,9 +65,9 @@
         }
         if (acl == null) {
             AccessControlPolicy[] acps = acMgr.getPolicies(n.getPath());
-            for (int i = 0; i < acps.length; i++) {
-                if (acps[i] instanceof JackrabbitAccessControlList) {
-                    acl = (JackrabbitAccessControlList) acps[i];
+            for (AccessControlPolicy acp : acps) {
+                if (acp instanceof JackrabbitAccessControlList) {
+                    acl = (JackrabbitAccessControlList) acp;
                     break;
                 }
             }
@@ -87,8 +86,7 @@
     private Principal getReadOnlyPrincipal() throws RepositoryException, NotExecutableException {
         SessionImpl s = (SessionImpl) getHelper().getReadOnlySession();
         try {
-            for (Iterator it = s.getSubject().getPrincipals().iterator(); it.hasNext();) {
-                Principal p = (Principal) it.next();
+            for (Principal p : s.getSubject().getPrincipals()) {
                 if (!(p instanceof Group)) {
                     return p;
                 }
@@ -157,7 +155,6 @@
         } catch (ItemExistsException e) {
         }
     }
-
     /**
      * Test case for JCR-2336. Setting jcr:data (of type BINARY) must convert
      * the String value to a binary.

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/TestAll.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/TestAll.java Thu Oct 22 17:26:37 2009
@@ -56,6 +56,8 @@
         suite.addTestSuite(ConcurrentMoveTest.class);
         suite.addTestSuite(ConcurrentReorderTest.class);
 
+        suite.addTestSuite(UserPerWorkspaceSecurityManagerTest.class);
+
         return suite;
     }
 }

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/UserPerWorkspaceSecurityManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/UserPerWorkspaceSecurityManagerTest.java?rev=828791&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/UserPerWorkspaceSecurityManagerTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/UserPerWorkspaceSecurityManagerTest.java Thu Oct 22 17:26:37 2009
@@ -0,0 +1,332 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core;
+
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.core.security.JackrabbitSecurityManager;
+import org.apache.jackrabbit.core.security.SecurityConstants;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.apache.jackrabbit.test.NotExecutableException;
+import org.apache.jackrabbit.util.Text;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.jcr.Item;
+import javax.jcr.LoginException;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.SimpleCredentials;
+import javax.jcr.UnsupportedRepositoryOperationException;
+import javax.jcr.Node;
+import javax.jcr.Value;
+import java.security.Principal;
+
+/**
+ * <code>SecurityManagerTest</code>...
+ */
+public class UserPerWorkspaceSecurityManagerTest extends AbstractJCRTest {
+
+    /**
+     * logger instance
+     */
+    private static final Logger log = LoggerFactory.getLogger(UserPerWorkspaceSecurityManagerTest.class);
+
+    private JackrabbitSecurityManager secMgr;
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        RepositoryImpl repo = (RepositoryImpl) superuser.getRepository();
+        secMgr = repo.getSecurityManager();
+        if (!(secMgr instanceof UserPerWorkspaceSecurityManager)) {
+            throw new NotExecutableException();
+        }
+    }
+
+    private String getAlternativeWorkspaceName() throws RepositoryException {
+        String altWsp = null;
+        String[] wsps = superuser.getWorkspace().getAccessibleWorkspaceNames();
+        if (wsps.length == 1) {
+            superuser.getWorkspace().createWorkspace("tmp");
+            altWsp = "tmp";
+        } else {
+            for (String name : wsps) {
+                if (!name.equals(superuser.getWorkspace().getName())) {
+                    altWsp = name;
+                    break;
+                }
+            }
+        }
+        return altWsp;
+    }
+
+    public void testSystemUserCreation() throws Exception {
+        String altWsp = getAlternativeWorkspaceName();
+        if (altWsp == null) {
+            throw new NotExecutableException();
+        }       
+
+        // system users must be automatically be created -> login with admin
+        // must therefore succeed.
+        Session s = getHelper().getSuperuserSession(altWsp);
+        try {
+            // admin/anonymous/administrators must be present
+            String adminId = ((UserPerWorkspaceSecurityManager) secMgr).adminId;
+            assertEquals(adminId, s.getUserID());
+
+            UserManager umgr = ((JackrabbitSession) s).getUserManager();
+            assertNotNull(umgr.getAuthorizable(adminId));
+            assertNotNull(umgr.getAuthorizable(((UserPerWorkspaceSecurityManager) secMgr).anonymousId));
+            assertNotNull(umgr.getAuthorizable(SecurityConstants.ADMINISTRATORS_NAME));
+
+        } finally {
+            s.logout();
+        }
+    }
+
+    public void testSystemUsersAreSaved() throws Exception {
+        String adminId = ((UserPerWorkspaceSecurityManager) secMgr).adminId;
+        UserManager umgr = ((JackrabbitSession) superuser).getUserManager();
+        Principal p = umgr.getAuthorizable(adminId).getPrincipal();
+
+        if (p instanceof ItemBasedPrincipal) {
+            Item item = superuser.getItem(((ItemBasedPrincipal) p).getPath());
+            assertFalse(item.isNew());
+            assertFalse(item.isModified());
+        }
+    }
+
+    public void testUsersArePerWorkspace() throws Exception {
+        String altWsp = getAlternativeWorkspaceName();
+        if (altWsp == null) {
+            throw new NotExecutableException();
+        }
+
+        Session s = getHelper().getSuperuserSession(altWsp);
+        User u = null;
+        try {
+            // other users created in the default workspace...
+            u = ((JackrabbitSession) superuser).getUserManager().createUser("testUser", "testUser");
+            superuser.save();
+
+            // ... must not be present in the alternate-workspace
+            UserManager umgr = ((JackrabbitSession) s).getUserManager();
+            assertNull(umgr.getAuthorizable("testUser"));
+
+            try {
+                Session us = getHelper().getRepository().login(new SimpleCredentials("testUser", "testUser".toCharArray()), altWsp);
+                us.logout();
+                fail("testUser must not be able to login to a workspace without this user.");
+            } catch (LoginException e) {
+                // success
+            }
+
+        } finally {
+            s.logout();
+            if (u != null) {
+                u.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    public void testCloneUser() throws Exception {
+        String altWsp = getAlternativeWorkspaceName();
+        if (altWsp == null) {
+            throw new NotExecutableException();
+        }
+
+        UserManager uMgr = ((JackrabbitSession) superuser).getUserManager();
+
+        Session s = getHelper().getSuperuserSession(altWsp);
+        User u = null;
+        try {
+            // other users created in the default workspace...
+            u = uMgr.createUser("testUser", "testUser");
+            superuser.save();
+
+            String userPath = null;
+            if (u.getPrincipal() instanceof ItemBasedPrincipal) {
+                userPath = ((ItemBasedPrincipal) u.getPrincipal()).getPath();
+                assertTrue(superuser.nodeExists(userPath));
+            } else {
+                throw new NotExecutableException();
+            }
+
+            // ... must not be present in the alternate-workspace
+            UserManager umgr = ((JackrabbitSession) s).getUserManager();
+            assertNull(umgr.getAuthorizable("testUser"));
+            assertFalse(s.nodeExists(userPath));
+
+            String clonePath = userPath;
+            String parentPath = Text.getRelativeParent(clonePath, 1);
+            while (!s.nodeExists(parentPath)) {
+                clonePath = parentPath;
+                parentPath = Text.getRelativeParent(parentPath, 1);
+            }
+
+            // clone the user into the second workspace
+            s.getWorkspace().clone(superuser.getWorkspace().getName(), clonePath, clonePath, true);
+
+            // ... now the user must be visible
+            assertNotNull(umgr.getAuthorizable("testUser"));
+            if (userPath != null) {
+                assertTrue(s.nodeExists(userPath));                
+            }
+            // ... and able to login to that workspace
+            Session us = getHelper().getRepository().login(new SimpleCredentials("testUser", "testUser".toCharArray()), altWsp);
+            us.logout();
+
+        } finally {
+            // remove the test user in the second workspace
+            Authorizable dest = ((JackrabbitSession) s).getUserManager().getAuthorizable("testUser");
+            if (dest != null) {
+                dest.remove();
+                s.save();
+            }
+            // logout the session
+            s.logout();
+            if (u != null) {
+                // remove as well in the first workspace
+                u.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    public void testUpdateUser() throws NotExecutableException, RepositoryException {
+        // create the same use in 2 different workspace must make the 'corresponding'
+        // and updating must succeed
+        String altWsp = getAlternativeWorkspaceName();
+        if (altWsp == null) {
+            throw new NotExecutableException();
+        }
+
+        UserManager uMgr = ((JackrabbitSession) superuser).getUserManager();
+
+        Session s = getHelper().getSuperuserSession(altWsp);
+        User u = null;
+        try {
+            // other users created in the default workspace...
+            u = uMgr.createUser("testUser", "testUser");
+            superuser.save();
+
+            String userPath = null;
+            if (u.getPrincipal() instanceof ItemBasedPrincipal) {
+                userPath = ((ItemBasedPrincipal) u.getPrincipal()).getPath();
+                assertTrue(superuser.nodeExists(userPath));
+            } else {
+                throw new NotExecutableException();
+            }
+
+            // ... must not be present in the alternate-workspace
+            UserManager umgr = ((JackrabbitSession) s).getUserManager();
+            assertNull(umgr.getAuthorizable("testUser"));
+            assertFalse(s.nodeExists(userPath));
+
+            User u2 = umgr.createUser("testUser", "testUser");
+            s.save();
+            assertTrue(s.nodeExists(userPath));
+
+            Value value = superuser.getValueFactory().createValue("anyValue");
+            u.setProperty(propertyName1, value);
+            superuser.save();
+
+            // no automatic sync.
+            assertFalse(u2.hasProperty(propertyName1));
+
+            // update nodes
+            Node n2 = s.getNode(userPath);
+            n2.update(superuser.getWorkspace().getName());
+
+            // now the value must be visible
+            assertTrue(u2.hasProperty(propertyName1));
+            assertEquals(value.getString(), u2.getProperty(propertyName1)[0].getString());
+            
+        } finally {
+            // remove the test user in the destination workspace
+            Authorizable dest = ((JackrabbitSession) s).getUserManager().getAuthorizable("testUser");
+            if (dest != null) {
+                dest.remove();
+                s.save();
+            }
+            // logout the session to the destination workspace
+            s.logout();
+            if (u != null) {
+                // and remove it in the default workspace as well
+                u.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    public void testNewUsersCanLogin() throws Exception {
+        Session s = null;
+        User u = null;
+        try {
+            // other users created in the default workspace...
+            u = ((JackrabbitSession) superuser).getUserManager().createUser("testUser", "testUser");
+            superuser.save();
+
+            // the new user must be able to login to the repo
+            s = getHelper().getRepository().login(new SimpleCredentials("testUser", "testUser".toCharArray()));
+
+        } finally {
+            if (s != null) {
+                s.logout();
+            }
+            if (u != null) {
+                u.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    public void testTransientUserCannotLogin() throws RepositoryException, UnsupportedRepositoryOperationException {
+        Session s = null;
+        String uid = "testUser";
+        UserManager umgr = ((JackrabbitSession) superuser).getUserManager();
+        umgr.autoSave(false);
+        try {
+            // other users created in the default workspace...
+            umgr.createUser(uid, uid);
+            // the new user must be able to login to the repo
+            s = getHelper().getRepository().login(new SimpleCredentials(uid, uid.toCharArray()));
+
+            fail("Non-saved user node -> must not be able to login.");
+
+        } catch (LoginException e) {
+            // success
+        } finally {
+            if (s != null) {
+                s.logout();
+            }
+            superuser.refresh(false);
+            Authorizable a = ((JackrabbitSession) superuser).getUserManager().getAuthorizable(uid);
+            if (a != null) {
+                a.remove();
+                superuser.save();
+            }
+            umgr.autoSave(true);
+        }
+    }
+}
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java Thu Oct 22 17:26:37 2009
@@ -17,12 +17,16 @@
 package org.apache.jackrabbit.core.config;
 
 import org.apache.jackrabbit.core.DefaultSecurityManager;
+import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.core.security.DefaultAccessManager;
 import org.apache.jackrabbit.core.security.user.UserManagerImpl;
+import org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager;
 import org.apache.jackrabbit.core.security.authentication.DefaultLoginModule;
 import org.apache.jackrabbit.core.security.simple.SimpleAccessManager;
 import org.apache.jackrabbit.core.security.simple.SimpleSecurityManager;
 import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal;
+import org.apache.jackrabbit.api.security.user.UserManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Document;
@@ -34,12 +38,14 @@
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
+import javax.jcr.Session;
+import javax.jcr.UnsupportedRepositoryOperationException;
+import javax.jcr.RepositoryException;
 import java.io.IOException;
 import java.io.StringReader;
 import java.util.Properties;
 import java.util.List;
 import java.util.ArrayList;
-import java.util.Iterator;
 
 /** <code>SecurityConfigTest</code>... */
 public class SecurityConfigTest extends AbstractJCRTest {
@@ -111,9 +117,10 @@
 
         SecurityManagerConfig smc = config.getSecurityManagerConfig();
 
-        assertNotNull(smc.getUserManagerConfig());
-        BeanConfig umc = smc.getUserManagerConfig();
+        assertEquals(ItemBasedPrincipal.class, smc.getUserIdClass());
 
+        UserManagerConfig umc = smc.getUserManagerConfig();
+        assertNotNull(umc);
         Properties params = umc.getParameters();
         assertNotNull(params);
 
@@ -123,15 +130,87 @@
         assertEquals(2000, Long.parseLong(params.getProperty(UserManagerImpl.PARAM_AUTO_EXPAND_SIZE)));
     }
 
+    public void testUserManagerConfig() throws RepositoryException, UnsupportedRepositoryOperationException {
+        Element xml = parseXML(new InputSource(new StringReader(USER_MANAGER_CONFIG_INVALID)), true);
+        UserManagerConfig umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
+        try {
+            umc.getUserManager(UserManagerImpl.class, new Class[] {String.class}, "invalid");
+            fail("Nonexisting umgr implementation -> instanciation must fail.");
+        } catch (ConfigurationException e) {
+            // success
+        }
+
+        xml = parseXML(new InputSource(new StringReader(USER_MANAGER_CONFIG_IMPL)), true);
+        umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
+
+        // assignable from same class as configured
+        UserManager um = umc.getUserManager(UserManagerImpl.class, new Class[] {
+            SessionImpl.class, String.class}, (SessionImpl) superuser, "admin");
+        assertNotNull(um);
+        assertTrue(um instanceof UserManagerImpl);
+        assertTrue(um.isAutoSave());
+        try {
+            um.autoSave(false);
+            fail("must not be allowed");
+        } catch (RepositoryException e) {
+            // success
+        }
+
+        // derived class expected -> must fail
+        xml = parseXML(new InputSource(new StringReader(USER_MANAGER_CONFIG_IMPL)), true);
+        umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
+        try {
+            um = umc.getUserManager(UserPerWorkspaceUserManager.class, new Class[] {
+                    SessionImpl.class, String.class}, (SessionImpl) superuser, "admin");
+            fail("UserManagerImpl is not assignable from derived class");
+        } catch (ConfigurationException e) {
+            // success
+        }
+
+        // passing invalid parameter types
+        xml = parseXML(new InputSource(new StringReader(USER_MANAGER_CONFIG_IMPL)), true);
+        umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
+        try {
+            um = umc.getUserManager(UserManagerImpl.class, new Class[] {
+                    Session.class}, (SessionImpl) superuser, "admin");
+            fail("Invalid parameter types -> must fail.");
+        } catch (ConfigurationException e) {
+            // success
+        }
+
+        // passing wrong arguments        
+        xml = parseXML(new InputSource(new StringReader(USER_MANAGER_CONFIG_IMPL)), true);
+        umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
+        try {
+            um = umc.getUserManager(UserManagerImpl.class, new Class[] {
+                    SessionImpl.class, String.class}, superuser, 21);
+            fail("Invalid init args -> must fail.");
+        } catch (ConfigurationException e) {
+            // success
+        }
+
+        xml = parseXML(new InputSource(new StringReader(USER_MANAGER_CONFIG_DERIVED)), true);
+        umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
+        // assignable from defines base class
+        um = umc.getUserManager(UserManagerImpl.class, new Class[] {
+            SessionImpl.class, String.class}, (SessionImpl) superuser, "admin");
+        assertNotNull(um);
+        assertTrue(um instanceof UserPerWorkspaceUserManager);
+        // but: configured class creates a umgr that requires session.save
+        assertTrue(um.isAutoSave());
+        // changing autosave behavior must succeed.
+        um.autoSave(false);
+    }
+
     public void testInvalidConfig() {
-        List invalid = new ArrayList();
+        List<InputSource> invalid = new ArrayList();
         invalid.add(new InputSource(new StringReader(INVALID_CONFIG_1)));
         invalid.add(new InputSource(new StringReader(INVALID_CONFIG_2)));
         invalid.add(new InputSource(new StringReader(INVALID_CONFIG_3)));
 
-        for (Iterator it = invalid.iterator(); it.hasNext();) {
+        for (Object anInvalid : invalid) {
             try {
-                Element xml = parseXML((InputSource) it.next(), false);
+                Element xml = parseXML((InputSource) anInvalid, false);
                 parser.parseSecurityConfig(xml);
                 fail("Invalid config -> should fail.");
             } catch (ConfigurationException e) {
@@ -189,6 +268,7 @@
             "           <param name=\"autoExpandTree\" value=\"true\"/>" +
             "           <param name=\"autoExpandSize\" value=\"2000\"/>" +
             "           </UserManager>" +
+            "           <UserIdClass class=\"org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal\"/>" +
             "        </SecurityManager>" +
             "        <AccessManager class=\"org.apache.jackrabbit.core.security.DefaultAccessManager\">" +
             "        </AccessManager>" +
@@ -213,4 +293,25 @@
             "    <Security appName=\"Jackrabbit\">" +
             "        <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
             "    </Security>";
+
+    private static final String USER_MANAGER_CONFIG_INVALID =
+                    "    <Security appName=\"Jackrabbit\">" +
+                    "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\" workspaceName=\"security\">" +
+                    "           <UserManager class=\"org.apache.jackrabbit.core.security.user.NonExisting\" />" +
+                    "        </SecurityManager>" +
+                    "    </Security>";
+
+    private static final String USER_MANAGER_CONFIG_IMPL =
+                    "    <Security appName=\"Jackrabbit\">" +
+                    "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\" workspaceName=\"security\">" +
+                    "           <UserManager class=\"org.apache.jackrabbit.core.security.user.UserManagerImpl\" />" +
+                    "        </SecurityManager>" +
+                    "    </Security>";
+
+    private static final String USER_MANAGER_CONFIG_DERIVED =
+                    "    <Security appName=\"Jackrabbit\">" +
+                    "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\" workspaceName=\"security\">" +
+                    "           <UserManager class=\"org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager\" />" +
+                    "        </SecurityManager>" +
+                    "    </Security>";
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/WorkspaceConfigTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/WorkspaceConfigTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/WorkspaceConfigTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/WorkspaceConfigTest.java Thu Oct 22 17:26:37 2009
@@ -16,13 +16,26 @@
  */
 package org.apache.jackrabbit.core.config;
 
-import java.io.InputStream;
-import java.util.Properties;
-
 import junit.framework.TestCase;
-
-import org.xml.sax.InputSource;
 import org.apache.jackrabbit.core.security.authorization.AccessControlProvider;
+import org.apache.jackrabbit.core.security.user.UserImporter;
+import org.apache.jackrabbit.core.xml.AccessControlImporter;
+import org.apache.jackrabbit.core.xml.ProtectedNodeImporter;
+import org.apache.jackrabbit.core.xml.ProtectedPropertyImporter;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringReader;
+import java.util.List;
+import java.util.Properties;
 
 /**
  * Test cases for workspace configuration handling.
@@ -68,4 +81,114 @@
             }
         }
     }
+
+    public void testImportConfig() throws Exception {
+        // XML_1 ---------------------------------------------------------------
+        Element xml = parseXML(new InputSource(new StringReader(XML_1)), true);
+        ImportConfig config = parser.parseImportConfig(xml);
+
+        List<ProtectedNodeImporter> ln = config.getProtectedNodeImporters();
+        assertEquals(1, ln.size());
+        assertTrue(ln.get(0) instanceof AccessControlImporter);
+
+        List<ProtectedPropertyImporter> lp = config.getProtectedPropertyImporters();
+        assertEquals(1, lp.size());
+        assertTrue(lp.get(0) instanceof UserImporter);
+
+        // XML_2 ---------------------------------------------------------------
+        xml = parseXML(new InputSource(new StringReader(XML_2)), true);
+        config = parser.parseImportConfig(xml);
+
+        ln = config.getProtectedNodeImporters();
+        assertTrue(ln.isEmpty());
+
+        lp = config.getProtectedPropertyImporters();
+        assertTrue(lp.isEmpty());
+
+        // XML_3 ---------------------------------------------------------------
+        xml = parseXML(new InputSource(new StringReader(XML_3)), true);
+        config = parser.parseImportConfig(xml);
+
+        ln = config.getProtectedNodeImporters();
+        assertEquals(2, ln.size());
+
+        lp = config.getProtectedPropertyImporters();
+        assertEquals(2, lp.size());
+
+        // XML_4 ---------------------------------------------------------------
+        xml = parseXML(new InputSource(new StringReader(XML_4)), true);
+        config = parser.parseImportConfig(xml);
+
+        ln = config.getProtectedNodeImporters();
+        assertEquals(1, ln.size());
+
+        lp = config.getProtectedPropertyImporters();
+        assertEquals(1, lp.size());
+
+        // XML_5 ---------------------------------------------------------------
+        xml = parseXML(new InputSource(new StringReader(XML_5)), true);
+        config = parser.parseImportConfig(xml);
+
+        lp = config.getProtectedPropertyImporters();
+        assertEquals(1, lp.size());
+        assertTrue(lp.get(0) instanceof UserImporter);
+        assertEquals(UserImporter.ImportBehavior.NAME_BESTEFFORT, ((UserImporter)lp.get(0)).getImportBehavior());
+    }
+
+    private static Element parseXML(InputSource xml, boolean validate) throws ConfigurationException {
+        try {
+            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+            factory.setValidating(validate);
+            DocumentBuilder builder = factory.newDocumentBuilder();
+            if (validate) {
+                builder.setErrorHandler(new ConfigurationErrorHandler());
+            }
+            builder.setEntityResolver(ConfigurationEntityResolver.INSTANCE);
+            Document document = builder.parse(xml);
+            return document.getDocumentElement();
+        } catch (ParserConfigurationException e) {
+            throw new ConfigurationException("Unable to create configuration XML parser", e);
+        } catch (SAXParseException e) {
+            throw new ConfigurationException("Configuration file syntax error. (Line: " + e.getLineNumber() + " Column: " + e.getColumnNumber() + ")", e);
+        } catch (SAXException e) {
+            throw new ConfigurationException("Configuration file syntax error. ", e);
+        } catch (IOException e) {
+            throw new ConfigurationException("Configuration file could not be read.", e);
+        }
+    }
+
+
+
+    private static final String XML_1 =
+            " <Workspace><Import>\n" +
+                    "    <ProtectedNodeImporter class=\"org.apache.jackrabbit.core.xml.AccessControlImporter\"/>\n" +
+                    "    <ProtectedPropertyImporter class=\"org.apache.jackrabbit.core.security.user.UserImporter\"/>\n" +
+                    " </Import></Workspace>";
+
+    private static final String XML_2 =
+            " <Workspace><Import>\n" +
+                    " </Import></Workspace>";
+
+    private static final String XML_3 =
+            " <Workspace><Import>\n" +
+                    "    <ProtectedNodeImporter class=\"org.apache.jackrabbit.core.xml.AccessControlImporter\"/>\n" +
+                    "    <ProtectedPropertyImporter class=\"org.apache.jackrabbit.core.security.user.UserImporter\"/>\n" +
+                    "    <ProtectedNodeImporter class=\"org.apache.jackrabbit.core.xml.DefaultProtectedNodeImporter\"/>\n" +
+                    "    <ProtectedPropertyImporter class=\"org.apache.jackrabbit.core.xml.DefaultProtectedPropertyImporter\"/>\n" +
+                    " </Import></Workspace>";
+
+    private static final String XML_4 =
+            " <Workspace><Import>\n" +
+                    "    <ProtectedNodeImporter class=\"org.apache.jackrabbit.core.xml.AccessControlImporter\"/>\n" +
+                    "    <ProtectedPropertyImporter class=\"org.apache.jackrabbit.core.security.user.UserImporter\"/>\n" +
+                    "    <ProtectedNodeImporter class=\"org.apache.jackrabbit.core.InvalidImporter\"/>\n" +
+                    "    <ProtectedPropertyImporter class=\"org.apache.jackrabbit.core.InvalidImporter\"/>\n" +
+                    " </Import></Workspace>";
+
+    private static final String XML_5 =
+            " <Workspace><Import>\n" +
+                    "    <ProtectedPropertyImporter class=\"org.apache.jackrabbit.core.security.user.UserImporter\">" +
+                    "       <param name=\"importBehavior\" value=\"besteffort\"/>" +
+                    "    </ProtectedPropertyImporter>\n" +
+                    " </Import></Workspace>";
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java Thu Oct 22 17:26:37 2009
@@ -20,6 +20,7 @@
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
 import org.slf4j.Logger;
@@ -45,6 +46,7 @@
 
     private static Logger log = LoggerFactory.getLogger(AbstractEvaluationTest.class);
 
+    private String uid;
     protected User testUser;
     protected Credentials creds;
     
@@ -63,10 +65,13 @@
         try {
             UserManager uMgr = getUserManager(superuser);
             // create the testUser
-            String uid = "testUser" + UUID.randomUUID();
+            uid = "testUser" + UUID.randomUUID();
             creds = new SimpleCredentials(uid, uid.toCharArray());
 
             testUser = uMgr.createUser(uid, uid);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
         } catch (Exception e) {
             superuser.logout();
             throw e;
@@ -90,8 +95,14 @@
         if (testSession != null && testSession.isLive()) {
             testSession.logout();
         }
-        if (testUser != null) {
-            testUser.remove();
+        if (uid != null) {
+            Authorizable a = getUserManager(superuser).getAuthorizable(uid);
+            if (a != null) {
+                a.remove();
+                if (!getUserManager(superuser).isAutoSave()) {
+                    superuser.save();
+                }
+            }
         }
         super.tearDown();
     }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java Thu Oct 22 17:26:37 2009
@@ -75,7 +75,7 @@
         modifyPrivileges(trn.getPath(), Privilege.JCR_VERSION_MANAGEMENT, true);
 
         Node n = createVersionableNode(trn);
-        Version v = n.checkin();
+        n.checkin();
         n.checkout();
     }
 

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java Thu Oct 22 17:26:37 2009
@@ -18,7 +18,7 @@
 
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.api.security.user.Group;
-import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.jackrabbit.core.security.TestPrincipal;
 import org.apache.jackrabbit.test.JUnitTest;
 import org.apache.jackrabbit.test.NotExecutableException;
@@ -87,23 +87,29 @@
 
     protected void tearDown() throws Exception {
         // make sure all ac info is removed
-        if (testGroup != null && testUser != null) {
-            testGroup.removeMember(testUser);
-            testGroup.remove();
+        try {
+            if (testGroup != null && testUser != null) {
+                testGroup.removeMember(testUser);
+                testGroup.remove();
+                if (!getUserManager(superuser).isAutoSave() && superuser.hasPendingChanges()) {
+                    superuser.save();
+                }
+            }
+        } finally {
+            super.tearDown();
         }
-        super.tearDown();
-    }
-
-    protected User getTestUser() {
-        return testUser;
     }
 
     protected Group getTestGroup() throws RepositoryException, NotExecutableException {
         if (testGroup == null) {
             // create the testGroup
             Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
-            testGroup = getUserManager(superuser).createGroup(principal);
+            UserManager umgr = getUserManager(superuser);
+            testGroup = umgr.createGroup(principal);
             testGroup.addMember(testUser);
+            if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
+                superuser.save();
+            }
         }
         return testGroup;
     }
@@ -945,6 +951,9 @@
 
         // remove the test user
         testUser.remove();
+        if (!getUserManager(superuser).isAutoSave() && superuser.hasPendingChanges()) {
+            superuser.save();
+        }
         testUser = null;
 
         // try to retrieve the acl again

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java Thu Oct 22 17:26:37 2009
@@ -17,10 +17,12 @@
 package org.apache.jackrabbit.core.security.authorization.acl;
 
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
+import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.core.security.authorization.AbstractWriteTest;
 import org.apache.jackrabbit.core.security.authorization.AccessControlConstants;
 import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
+import org.apache.jackrabbit.core.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.test.NotExecutableException;
 
 import javax.jcr.AccessDeniedException;
@@ -109,7 +111,7 @@
         // test if testuser can modify AC-items
         // 1) add an ac-entry
         ACLTemplate acl = (ACLTemplate) policies[0];
-        acl.addAccessControlEntry(getTestUser().getPrincipal(), privilegesFromName(PrivilegeRegistry.REP_WRITE));
+        acl.addAccessControlEntry(testUser.getPrincipal(), privilegesFromName(PrivilegeRegistry.REP_WRITE));
         testAcMgr.setPolicy(path, acl);
         testSession.save();
 
@@ -214,4 +216,51 @@
         // remove_child_node privilege is missing on the direct ancestor.
         assertFalse(testSession.hasPermission(gcPath, Session.ACTION_REMOVE));
     }
+
+    public void testInheritedGroupPermissions() throws NotExecutableException, RepositoryException {
+        Group testGroup = getTestGroup();
+        AccessControlManager testAcMgr = getTestACManager();
+        /*
+         precondition:
+         testuser must have READ-only permission on test-node and below
+        */
+        checkReadOnly(path);
+
+        Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
+
+        /* give MODIFY_PROPERTIES privilege for testGroup at 'path' */
+        givePrivileges(path, testGroup.getPrincipal(), privileges, getRestrictions(superuser, path));
+        /*
+         withdraw MODIFY_PROPERTIES privilege for everyone at 'childNPath'
+         */
+        withdrawPrivileges(childNPath, EveryonePrincipal.getInstance(), privileges, getRestrictions(superuser, path));
+
+        // result at 'child path' must be deny
+        assertFalse(testAcMgr.hasPrivileges(childNPath, privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES)));    
+    }
+
+    public void testInheritedGroupPermissions2() throws NotExecutableException, RepositoryException {
+        Group testGroup = getTestGroup();
+        AccessControlManager testAcMgr = getTestACManager();
+        /*
+         precondition:
+         testuser must have READ-only permission on test-node and below
+        */
+        checkReadOnly(path);
+
+        Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
+
+        // NOTE: same as testInheritedGroupPermissions above but using
+        // everyone on path, testgroup on childpath -> result must be the same
+
+        /* give MODIFY_PROPERTIES privilege for everyone at 'path' */
+        givePrivileges(path, EveryonePrincipal.getInstance(), privileges, getRestrictions(superuser, path));
+        /*
+         withdraw MODIFY_PROPERTIES privilege for testGroup at 'childNPath'
+         */
+        withdrawPrivileges(childNPath, testGroup.getPrincipal(), privileges, getRestrictions(superuser, path));
+
+        // result at 'child path' must be deny
+        assertFalse(testAcMgr.hasPrivileges(childNPath, privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES)));
+    }
 }
\ No newline at end of file



Mime
View raw message