jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r828791 [6/8] - in /jackrabbit/trunk: jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/ jackrabbi...
Date Thu, 22 Oct 2009 17:26:39 GMT
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java Thu Oct 22 17:26:37 2009
@@ -49,7 +49,7 @@
 
         // simple test to check if proper provider is present:
         try {
-            getPrincipalBasedPolicy(acMgr, path, getTestUser().getPrincipal());
+            getPrincipalBasedPolicy(acMgr, path, testUser.getPrincipal());
         } catch (Exception e) {
             superuser.logout();
             throw e;
@@ -135,7 +135,7 @@
         assertFalse(testAcMgr.hasPrivileges(path, readPrivs));
 
         // remove the nodebased policy
-        JackrabbitAccessControlList policy = getPolicy(acMgr, path, getTestUser().getPrincipal());
+        JackrabbitAccessControlList policy = getPolicy(acMgr, path, testUser.getPrincipal());
         acMgr.removePolicy(policy.getPath(), policy);
         superuser.save();
 
@@ -152,7 +152,7 @@
         givePrivileges(path, wrtPrivileges, getRestrictions(superuser, path));
         // userbased: deny MODIFY_PROPERTIES privileges for 'testUser'
         Privilege[] modPropPrivs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
-        withdrawPrivileges(path, getTestUser().getPrincipal(), modPropPrivs, getPrincipalBasedRestrictions(path), false);
+        withdrawPrivileges(path, testUser.getPrincipal(), modPropPrivs, getPrincipalBasedRestrictions(path), false);
         /*
          expected result:
          - MODIFY_PROPERTIES privilege still present
@@ -162,7 +162,7 @@
 
         // nodebased: deny MODIFY_PROPERTIES privileges for 'testUser'
         //            on a child node.
-        withdrawPrivileges(childNPath, getTestUser().getPrincipal(), modPropPrivs, getRestrictions(superuser, childNPath));
+        withdrawPrivileges(childNPath, testUser.getPrincipal(), modPropPrivs, getRestrictions(superuser, childNPath));
         /*
          expected result:
          - MODIFY_PROPERTIES privilege still present at 'path'

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java Thu Oct 22 17:26:37 2009
@@ -73,10 +73,14 @@
     }
 
     public void testEditor() throws NotExecutableException, RepositoryException {
+        UserManager uMgr = getUserManager(superuser);        
         User u = null;
         try {
-            UserManager uMgr = getUserManager(superuser);
             u = uMgr.createUser("t", "t");
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+
             Principal p = u.getPrincipal();
 
             JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);
@@ -103,19 +107,23 @@
             superuser.refresh(false);
             if (u != null) {
                 u.remove();
+                if (!uMgr.isAutoSave()) {
+                    superuser.save();
+                }
             }
         }
     }
 
     public void testEditor2() throws NotExecutableException, RepositoryException {
+        UserManager uMgr = getUserManager(superuser);
         User u = null;
         User u2 = null;
-
         try {
-            UserManager uMgr = getUserManager(superuser);
-
             u = uMgr.createUser("t", "t");
             u2 = uMgr.createUser("tt", "tt", new TestPrincipal("tt"), "t/tt");
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
 
             Principal p = u.getPrincipal();
             Principal p2 = u2.getPrincipal();
@@ -140,7 +148,10 @@
             superuser.refresh(false);
             if (u2 != null) u2.remove();
             if (u != null) u.remove();
-     }
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        }
 
     }
     // TODO: add specific tests with other restrictions

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProviderTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProviderTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProviderTest.java Thu Oct 22 17:26:37 2009
@@ -64,7 +64,7 @@
         assertFalse(pit.hasNext());
     }
 
-    public void testInheritedMemberShip() throws RepositoryException {
+    public void testInheritedMemberShip() throws RepositoryException, NotExecutableException {
         Principal up = getTestPrincipal();
 
         User u = null;
@@ -74,9 +74,12 @@
             u = userMgr.createUser(up.getName(), buildPassword(up));
             gr1 = userMgr.createGroup(getTestPrincipal());
             gr2 = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
+
 
             gr1.addMember(gr2);
             gr2.addMember(u);
+            save(superuser);
 
             PrincipalIterator it = principalProvider.getGroupMembership(u.getPrincipal());
             while (it.hasNext()) {
@@ -96,6 +99,7 @@
             if (gr1 != null) gr1.remove();
             if (gr2 != null) gr2.remove();
             if (u != null) u.remove();
+            save(superuser);
         }
     }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AdministratorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AdministratorTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AdministratorTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AdministratorTest.java Thu Oct 22 17:26:37 2009
@@ -18,33 +18,142 @@
 
 import org.apache.jackrabbit.api.security.user.AbstractUserTest;
 import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.core.NodeImpl;
+import org.apache.jackrabbit.core.security.SecurityConstants;
 import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
 import org.apache.jackrabbit.test.NotExecutableException;
 
+import javax.jcr.Node;
 import javax.jcr.RepositoryException;
+import javax.jcr.Session;
 
 /**
  * <code>AdministratorTest</code>...
  */
 public class AdministratorTest extends AbstractUserTest {
 
+    private String adminId;
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        if (!(userMgr instanceof UserManagerImpl)) {
+            throw new NotExecutableException();
+        }
+        adminId = superuser.getUserID();
+        if (!((UserManagerImpl) userMgr).isAdminId(adminId)) {
+            throw new NotExecutableException();
+        }
+    }
+
     public void testGetPrincipal() throws RepositoryException {
-        Authorizable authr = userMgr.getAuthorizable(superuser.getUserID());
-        assertNotNull(authr);
-        assertFalse(authr.isGroup());
-        assertTrue(authr.getPrincipal() instanceof AdminPrincipal);
+        Authorizable admin = userMgr.getAuthorizable(adminId);
+        assertNotNull(admin);
+        assertFalse(admin.isGroup());
+        assertTrue(admin.getPrincipal() instanceof AdminPrincipal);
+    }
+
+    public void testMemberOfAdministrators() throws RepositoryException {
+        Authorizable admins = userMgr.getAuthorizable(SecurityConstants.ADMINISTRATORS_NAME);
+        if (admins != null && admins.isGroup()) {
+            assertTrue(((Group) admins).isMember(userMgr.getAuthorizable(adminId)));
+        }
     }
 
     public void testRemoveSelf() throws RepositoryException, NotExecutableException {
-        Authorizable authr = userMgr.getAuthorizable(superuser.getUserID());
-        if (authr == null) {
+        Authorizable admin = userMgr.getAuthorizable(adminId);
+        if (admin == null) {
             throw new NotExecutableException();
         }
         try {
-            authr.remove();
+            admin.remove();
             fail("The Administrator should not be allowed to remove the own authorizable.");
         } catch (RepositoryException e) {
             // success
         }
     }
+
+    public void testRemoveAdminNode() throws RepositoryException, NotExecutableException {
+        Authorizable admin = userMgr.getAuthorizable(adminId);
+
+        if (admin == null || !(admin instanceof AuthorizableImpl)) {
+            throw new NotExecutableException();
+        }
+
+        // access the node corresponding to the admin user and remove it
+        NodeImpl adminNode = ((AuthorizableImpl) admin).getNode();
+        Session s = adminNode.getSession();
+        adminNode.remove();
+        // use session obtained from the node as usermgr may point to a dedicated
+        // system workspace different from the superusers workspace.
+        s.save();
+
+        // after removing the node the admin user doesn't exist any more
+        assertNull(userMgr.getAuthorizable(adminId));
+
+        // login must succeed as system user mgr recreateds the admin user
+        Session s2 = getHelper().getSuperuserSession();
+        try {
+            admin = userMgr.getAuthorizable(adminId);
+            assertNotNull(admin);
+            assertNotNull(getUserManager(s2).getAuthorizable(adminId));
+        } finally {
+            s2.logout();
+        }
+    }
+
+    /**
+     * Test for collisions that would prevent from recreate the admin user.
+     * 
+     * @throws RepositoryException
+     * @throws NotExecutableException
+     */
+    public void testCollidingAdminNode() throws RepositoryException, NotExecutableException {
+        Authorizable admin = userMgr.getAuthorizable(adminId);
+
+        if (admin == null || !(admin instanceof AuthorizableImpl)) {
+            throw new NotExecutableException();
+        }
+
+        // access the node corresponding to the admin user and remove it
+        NodeImpl adminNode = ((AuthorizableImpl) admin).getNode();
+        String adminPath = adminNode.getPath();
+        String adminNodeName = adminNode.getName();
+        Node parentNode = adminNode.getParent();
+
+        Session s = adminNode.getSession();
+        adminNode.remove();
+        // use session obtained from the node as usermgr may point to a dedicated
+        // system workspace different from the superusers workspace.
+        s.save();
+
+        Session s2 = null;
+        try {
+            // no create a colliding node:
+            parentNode.addNode(adminNodeName, "rep:AuthorizableFolder");
+            s.save();
+
+            // force recreation of admin user.
+            s2 = getHelper().getSuperuserSession();
+
+            admin = userMgr.getAuthorizable(adminId);
+            assertNotNull(admin);
+            assertEquals(adminNodeName, ((AuthorizableImpl) admin).getNode().getName());
+            assertFalse(adminPath.equals(((AuthorizableImpl) admin).getNode().getPath()));
+
+        } finally {
+            if (s2 == null) {
+                // something went wrong -> remove the folder again.
+                parentNode.remove();
+                s.save();
+                // force recreation of admin user.
+                s2 = getHelper().getSuperuserSession();
+            }
+            if (s2 != null) {
+                s2.logout();
+            }
+        }
+    }
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AuthorizableImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AuthorizableImplTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AuthorizableImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/AuthorizableImplTest.java Thu Oct 22 17:26:37 2009
@@ -20,34 +20,34 @@
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.jackrabbit.core.NodeImpl;
-import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.core.PropertyImpl;
+import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.spi.commons.conversion.NameResolver;
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.apache.jackrabbit.value.StringValue;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import javax.jcr.Property;
+import javax.jcr.PropertyIterator;
 import javax.jcr.RepositoryException;
 import javax.jcr.Value;
-import javax.jcr.PropertyIterator;
+import javax.jcr.PropertyType;
 import javax.jcr.nodetype.ConstraintViolationException;
-import javax.jcr.nodetype.NodeType;
 import java.util.ArrayList;
-import java.util.Iterator;
 import java.util.List;
+import java.util.Iterator;
+import java.util.HashSet;
+import java.util.Set;
+import java.security.Principal;
 
 /**
  * <code>AuthorizableImplTest</code>...
  */
 public class AuthorizableImplTest extends AbstractUserTest {
 
-    private static Logger log = LoggerFactory.getLogger(AuthorizableImplTest.class);
-
-    private List protectedUserProps = new ArrayList();
-    private List protectedGroupProps = new ArrayList();
+    private List<String> protectedUserProps = new ArrayList();
+    private List<String> protectedGroupProps = new ArrayList();
 
     protected void setUp() throws Exception {
         super.setUp();
@@ -55,11 +55,10 @@
         if (superuser instanceof SessionImpl) {
             NameResolver resolver = (SessionImpl) superuser;
             protectedUserProps.add(resolver.getJCRName(UserConstants.P_PASSWORD));
-            protectedUserProps.add(resolver.getJCRName(UserConstants.P_GROUPS));
             protectedUserProps.add(resolver.getJCRName(UserConstants.P_IMPERSONATORS));
             protectedUserProps.add(resolver.getJCRName(UserConstants.P_PRINCIPAL_NAME));
 
-            protectedUserProps.add(resolver.getJCRName(UserConstants.P_GROUPS));
+            protectedUserProps.add(resolver.getJCRName(UserConstants.P_MEMBERS));
             protectedGroupProps.add(resolver.getJCRName(UserConstants.P_PRINCIPAL_NAME));
         } else {
             throw new NotExecutableException();
@@ -85,22 +84,22 @@
         Value v = superuser.getValueFactory().createValue("any_value");
 
         User u = getTestUser(superuser);
-        for (Iterator it = protectedUserProps.iterator(); it.hasNext();) {
-            String pName = it.next().toString();
+        for (String pName : protectedUserProps) {
             try {
                 u.setProperty(pName, v);
-                fail("changing the '" +pName+ "' property on a User should fail.");
+                save(superuser);
+                fail("changing the '" + pName + "' property on a User should fail.");
             } catch (RepositoryException e) {
                 // success
             }
         }
         
         Group g = getTestGroup(superuser);
-        for (Iterator it = protectedGroupProps.iterator(); it.hasNext();) {
-            String pName = it.next().toString();
+        for (String pName : protectedGroupProps) {
             try {
                 g.setProperty(pName, v);
-                fail("changing the '" +pName+ "' property on a Group should fail.");
+                save(superuser);
+                fail("changing the '" + pName + "' property on a Group should fail.");
             } catch (RepositoryException e) {
                 // success
             }
@@ -109,21 +108,21 @@
 
     public void testRemoveSpecialProperties() throws NotExecutableException, RepositoryException {
         User u = getTestUser(superuser);
-        for (Iterator it = protectedUserProps.iterator(); it.hasNext();) {
-            String pName = it.next().toString();
+        for (String pName : protectedUserProps) {
             try {
                 u.removeProperty(pName);
-                fail("removing the '" +pName+ "' property on a User should fail.");
+                save(superuser);
+                fail("removing the '" + pName + "' property on a User should fail.");
             } catch (RepositoryException e) {
                 // success
             }
         }
         Group g = getTestGroup(superuser);
-        for (Iterator it = protectedGroupProps.iterator(); it.hasNext();) {
-            String pName = it.next().toString();
+        for (String pName : protectedGroupProps) {
             try {
                 g.removeProperty(pName);
-                fail("removing the '" +pName+ "' property on a Group should fail.");
+                save(superuser);
+                fail("removing the '" + pName + "' property on a Group should fail.");
             } catch (RepositoryException e) {
                 // success
             }
@@ -136,9 +135,6 @@
 
         checkProtected(n.getProperty(UserConstants.P_PASSWORD));
         checkProtected(n.getProperty(UserConstants.P_PRINCIPAL_NAME));
-        if (n.hasProperty(UserConstants.P_GROUPS)) {
-            checkProtected(n.getProperty(UserConstants.P_GROUPS));
-        }
         if (n.hasProperty(UserConstants.P_IMPERSONATORS)) {
            checkProtected(n.getProperty(UserConstants.P_IMPERSONATORS));
         }
@@ -149,8 +145,17 @@
         NodeImpl n = gr.getNode();
 
         checkProtected(n.getProperty(UserConstants.P_PRINCIPAL_NAME));
-        if (n.hasProperty(UserConstants.P_GROUPS)) {
-            checkProtected(n.getProperty(UserConstants.P_GROUPS));
+        if (n.hasProperty(UserConstants.P_MEMBERS)) {
+            checkProtected(n.getProperty(UserConstants.P_MEMBERS));
+        }
+    }
+
+    public void testMembersPropertyType() throws NotExecutableException, RepositoryException {
+        GroupImpl gr = (GroupImpl) getTestGroup(superuser);
+        NodeImpl n = gr.getNode();
+
+        if (n.hasProperty(UserConstants.P_MEMBERS)) {
+            assertEquals(PropertyType.WEAKREFERENCE, n.getProperty(UserConstants.P_MEMBERS).getType());
         }
     }
 
@@ -194,9 +199,7 @@
 
         for (PropertyIterator it = n.getProperties(); it.hasNext();) {
             PropertyImpl p = (PropertyImpl) it.nextProperty();
-            NodeType declaringNt = p.getDefinition().getDeclaringNodeType();
-            if (!declaringNt.isNodeType("rep:Authorizable") ||
-                    protectedUserProps.contains(p.getName())) {
+            if (p.getDefinition().isProtected()) {
                 assertFalse(user.hasProperty(p.getName()));
                 assertNull(user.getProperty(p.getName()));
             } else {
@@ -213,9 +216,7 @@
 
         for (PropertyIterator it = n.getProperties(); it.hasNext();) {
             PropertyImpl p = (PropertyImpl) it.nextProperty();
-            NodeType declaringNt = p.getDefinition().getDeclaringNodeType();
-            if (!declaringNt.isNodeType("rep:Authorizable") ||
-                    protectedGroupProps.contains(p.getName())) {
+            if (p.getDefinition().isProtected()) {
                 assertFalse(group.hasProperty(p.getName()));
                 assertNull(group.getProperty(p.getName()));
             } else {
@@ -225,4 +226,111 @@
             }
         }
     }
+
+    public void testSingleToMultiValued() throws Exception {
+        AuthorizableImpl user = (AuthorizableImpl) getTestUser(superuser);
+        UserManager uMgr = getUserManager(superuser);
+        try {
+            Value v = superuser.getValueFactory().createValue("anyValue");
+            user.setProperty("someProp", v);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+            Value[] vs = new Value[] {v, v};
+            user.setProperty("someProp", vs);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        } finally {
+            if (user.removeProperty("someProp") && !uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        }
+    }
+
+    public void testMultiValuedToSingle() throws Exception {
+        AuthorizableImpl user = (AuthorizableImpl) getTestUser(superuser);
+        UserManager uMgr = getUserManager(superuser);
+        try {
+            Value v = superuser.getValueFactory().createValue("anyValue");
+            Value[] vs = new Value[] {v, v};
+            user.setProperty("someProp", vs);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+            user.setProperty("someProp", v);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        } finally {
+            if (user.removeProperty("someProp") && !uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        }
+    }
+
+    public void testObjectMethods() throws Exception {
+        final AuthorizableImpl user = (AuthorizableImpl) getTestUser(superuser);
+        AuthorizableImpl user2 = (AuthorizableImpl) getTestUser(superuser);
+
+        assertEquals(user, user2);
+        assertEquals(user.hashCode(), user2.hashCode());
+        Set<Authorizable> s = new HashSet();
+        s.add(user);
+        assertFalse(s.add(user2));
+
+        Authorizable user3 = new Authorizable() {
+
+            public String getID() throws RepositoryException {
+                return user.getID();
+            }
+
+            public boolean isGroup() {
+                return user.isGroup();
+            }
+
+            public Principal getPrincipal() throws RepositoryException {
+                return user.getPrincipal();
+            }
+
+            public Iterator<Group> declaredMemberOf() throws RepositoryException {
+                return user.declaredMemberOf();
+            }
+
+            public Iterator<Group> memberOf() throws RepositoryException {
+                return user.memberOf();
+            }
+
+            public void remove() throws RepositoryException {
+                user.remove();
+            }
+
+            public Iterator<String> getPropertyNames() throws RepositoryException {
+                return user.getPropertyNames();
+            }
+
+            public boolean hasProperty(String name) throws RepositoryException {
+                return user.hasProperty(name);
+            }
+
+            public void setProperty(String name, Value value) throws RepositoryException {
+                user.setProperty(name, value);
+            }
+
+            public void setProperty(String name, Value[] values) throws RepositoryException {
+                user.setProperty(name, values);
+            }
+
+            public Value[] getProperty(String name) throws RepositoryException {
+                return user.getProperty(name);
+            }
+
+            public boolean removeProperty(String name) throws RepositoryException {
+                return user.removeProperty(name);
+            }
+        };
+
+        assertFalse(user.equals(user3));
+        assertTrue(s.add(user3));
+    }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/GroupAdministratorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/GroupAdministratorTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/GroupAdministratorTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/GroupAdministratorTest.java Thu Oct 22 17:26:37 2009
@@ -29,6 +29,7 @@
 import javax.jcr.Credentials;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
+import javax.jcr.Node;
 import java.security.Principal;
 import java.util.Iterator;
 
@@ -45,6 +46,7 @@
     private String otherUID2;
     private String grID;
 
+    private String groupsPath;
 
     private Group groupAdmin;
 
@@ -54,6 +56,7 @@
         // create a first user
         Principal p = getTestPrincipal();
         UserImpl pUser = (UserImpl) userMgr.createUser(p.getName(), buildPassword(p));
+        save(superuser);
         otherUID = pUser.getID();
 
         // create a second user and make it group-admin
@@ -61,19 +64,23 @@
         String pw = buildPassword(p);
         Credentials creds = buildCredentials(p.getName(), pw);
         User user = userMgr.createUser(p.getName(), pw);
+        save(superuser);
         uID = user.getID();
 
         // make other user a group-administrator:
         Authorizable grAdmin = userMgr.getAuthorizable(UserConstants.GROUP_ADMIN_GROUP_NAME);
         if (grAdmin == null || !grAdmin.isGroup()) {
-            throw new NotExecutableException("Cannot execute test. Group-Admin name has been changed by config.");
+            throw new NotExecutableException("Cannot execute test. No group-administrator group found.");
         }
         groupAdmin = (Group) grAdmin;
         groupAdmin.addMember(user);
+        save(superuser);
         grID = groupAdmin.getID();
 
         // create a session for the grou-admin user.
         uSession = getHelper().getRepository().login(creds);
+
+        groupsPath = (userMgr instanceof UserManagerImpl) ? ((UserManagerImpl) userMgr).getGroupsPath() : UserConstants.GROUPS_PATH;
     }
 
     protected void tearDown() throws Exception {
@@ -90,16 +97,17 @@
             if (a != null) {
                 a.remove();
             }
-
+            save(superuser);
         }
         super.tearDown();
     }
 
-    private String getYetAnotherID() throws RepositoryException {
+    private String getYetAnotherID() throws RepositoryException, NotExecutableException {
         if (otherUID2 == null) {
             // create a third user
             Principal p = getTestPrincipal();
             otherUID2 = userMgr.createUser(p.getName(), buildPassword(p)).getID();
+            save(superuser);
         }
         return otherUID2;
     }
@@ -118,10 +126,15 @@
         try {
             Principal p = getTestPrincipal();
             u = (UserImpl) umgr.createUser(p.getName(), buildPassword(p));
+            save(uSession);
             fail("Group administrator should not be allowed to create a new user.");
-            u.remove();
         } catch (AccessDeniedException e) {
             // success
+        } finally {
+            if (u != null) {
+                u.remove();
+                save(uSession);
+            }
         }
     }
 
@@ -131,21 +144,37 @@
         Authorizable himself = umgr.getAuthorizable(uID);
         try {
             himself.remove();
+            save(uSession);
             fail("A GroupAdministrator should not be allowed to remove the own authorizable.");
         } catch (AccessDeniedException e) {
             // success
         }
     }
 
+    public void testRemoveGroupAdmin() throws RepositoryException, NotExecutableException {
+        UserManager umgr = getUserManager(uSession);
+
+        Authorizable groupAdmin = umgr.getAuthorizable(grID);
+        try {
+            groupAdmin.remove();
+            save(uSession);
+            fail("A GroupAdministrator should not be allowed to remove the group admin.");
+        } catch (AccessDeniedException e) {
+            // success
+        }
+    }
+
     public void testCreateGroup() throws RepositoryException, NotExecutableException {
         UserManager umgr = getUserManager(uSession);
         Group testGroup = null;
         try {
             testGroup = umgr.createGroup(getTestPrincipal());
-            assertTrue(Text.isDescendant(UserConstants.GROUPS_PATH, ((GroupImpl)testGroup).getNode().getPath()));
+            save(uSession);
+            assertTrue(Text.isDescendant(groupsPath, ((GroupImpl)testGroup).getNode().getPath()));
         } finally {
             if (testGroup != null) {
                 testGroup.remove();
+                save(uSession);
             }
         }
     }
@@ -155,10 +184,12 @@
         Group testGroup = null;
         try {
             testGroup = umgr.createGroup(getTestPrincipal(), "/any/intermediate/path");
-            assertTrue(Text.isDescendant(UserConstants.GROUPS_PATH + "/any/intermediate/path", ((GroupImpl)testGroup).getNode().getPath()));
+            save(uSession);
+            assertTrue(Text.isDescendant(groupsPath + "/any/intermediate/path", ((GroupImpl)testGroup).getNode().getPath()));
         } finally {
             if (testGroup != null) {
                 testGroup.remove();
+                save(uSession);
             }
         }
     }
@@ -168,14 +199,13 @@
         Authorizable cU = umgr.getAuthorizable(getYetAnotherID());
         Group gr = (Group) umgr.getAuthorizable(grID);
 
-        // adding and removing the child-user as member of a group must not 
-        // succeed as long editing session is not user-admin.
+        // adding and removing the test user as member of a group must succeed.
         try {
-            assertFalse("Modifying group membership requires GroupAdmin and UserAdmin.",gr.addMember(cU));
-        } catch (AccessDeniedException e) {
-            // ok
+            assertTrue("Modifying group membership requires GroupAdmin membership.",gr.addMember(cU));
+            save(uSession);
         } finally {
             gr.removeMember(cU);
+            save(uSession);
         }
     }
 
@@ -183,75 +213,80 @@
         UserManager umgr = getUserManager(uSession);
         Authorizable cU = umgr.getAuthorizable(getYetAnotherID());
 
-        Authorizable auth = umgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
-        if (auth == null || !auth.isGroup()) {
-            throw new NotExecutableException("Cannot execute test. User-Admin name has been changed by config.");
-        }
-        Group userAdmin = (Group)auth;
-        User self = (User) umgr.getAuthorizable(uID);
-        try {
-            assertTrue(userAdmin.addMember(self));
-
-            Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());
-            assertTrue(gr.addMember(cU));
-            assertTrue(gr.removeMember(cU));
-        } finally {
-            userAdmin.removeMember(self);
-        }
+        Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());
+        assertTrue(gr.addMember(cU));
+        save(uSession);
+        assertTrue(gr.removeMember(cU));
+        save(uSession);
     }
 
     public void testAddMembersToCreatedGroup() throws RepositoryException, NotExecutableException {
         UserManager umgr = getUserManager(uSession);
-        Authorizable auth = umgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
-        if (auth == null || !auth.isGroup()) {
-            throw new NotExecutableException("Cannot execute test. User-Admin name has been changed by config.");
-        }
-        Group userAdmin = (Group) auth;
         Group testGroup = null;
         User self = (User) umgr.getAuthorizable(uID);
         try {
             // let groupadmin create a new group
             testGroup = umgr.createGroup(getTestPrincipal(), "/a/b/c/d");
+            save(uSession);
 
             // editing session adds itself to that group -> must succeed.
             assertTrue(testGroup.addMember(self));
-
-            // editing session adds itself to user-admin group
-            userAdmin.addMember(self);
-            assertTrue(userAdmin.isMember(self));
+            save(uSession);
 
             // add child-user to test group
             Authorizable testUser = umgr.getAuthorizable(getYetAnotherID());
             assertFalse(testGroup.isMember(testUser));
             assertTrue(testGroup.addMember(testUser));
+            save(uSession);
         } finally {
             if (testGroup != null) {
-                for (Iterator it = testGroup.getDeclaredMembers(); it.hasNext();) {
-                    testGroup.removeMember((Authorizable) it.next());
+                for (Iterator<Authorizable> it = testGroup.getDeclaredMembers(); it.hasNext();) {
+                    testGroup.removeMember(it.next());
                 }
                 testGroup.remove();
+                save(uSession);
             }
-            userAdmin.removeMember(self);            
         }
     }
 
-    public void testAddMemberToForeignGroup() throws RepositoryException, NotExecutableException {
+    public void testAddMembersUserAdmins() throws RepositoryException, NotExecutableException {
+        UserManager umgr = getUserManager(uSession);
+        Authorizable auth = umgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
+        if (auth == null || !auth.isGroup()) {
+            throw new NotExecutableException("Cannot execute test. No User-Admin group found.");
+        }
+        Group userAdmin = (Group) auth;
+        Group testGroup = null;
+        User self = (User) umgr.getAuthorizable(uID);
         try {
-            // let superuser create child user below the user with uID.
-            UserManager umgr = getUserManager(uSession);
-            Authorizable cU = umgr.getAuthorizable(getYetAnotherID());
-            Group uadminGr = (Group) umgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
-            if (uadminGr.isMember(cU)) {
-                throw new RepositoryException("Test user is already member -> cannot execute.");
-            }
 
-            // adding to and removing a child user from a group the group-admin
-            // is NOT member of must fail.
-            uadminGr.addMember(cU);
-            fail("A GroupAdmin should not be allowed to add a user to a group she/he is not member of.");
+            userAdmin.addMember(self);
+            save(uSession);
+
+            userAdmin.removeMember(self);
+            save(uSession);
+            fail("Group admin cannot add member to user-admins");
+        } catch (AccessDeniedException e) {
+            // success
+        }
+
+        try {
+            // let groupadmin create a new group
+            testGroup = umgr.createGroup(getTestPrincipal(), "/a/b/c/d");
+            save(uSession);
 
+            userAdmin.addMember(testGroup);
+            save(uSession);
+            userAdmin.removeMember(testGroup);
+            save(uSession);
+            fail("Group admin cannot add member to user-admins");
         } catch (AccessDeniedException e) {
-            // success.
+            // success
+        } finally {
+            if (testGroup != null) {
+                testGroup.remove();
+                save(uSession);
+            }
         }
     }
 
@@ -261,35 +296,12 @@
         Authorizable pU = umgr.getAuthorizable(otherUID);
         Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());
 
-        // adding and removing the parent-user as member of a group must not
-        // succeed: editing session isn't UserAdmin
         try {
-            assertFalse(gr.addMember(pU));
-        } catch (AccessDeniedException e) {
-            // ok
-        } finally {
-            gr.removeMember(pU);
-        }
-
-        // ... if the editing user becomes member of the user-admin group it
-        // must work.
-        Group uAdministrators = null;
-        try {
-            Authorizable userAdmin = userMgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
-            if (userAdmin == null || !userAdmin.isGroup()) {
-                throw new NotExecutableException("Cannot execute test. User-Admin name has been changed by config.");
-            }
-            uAdministrators = (Group) userAdmin;
-            uAdministrators.addMember(userMgr.getAuthorizable(uID));
-
             assertTrue(gr.addMember(pU));
-            gr.removeMember(pU);
+            save(uSession);
         } finally {
-            // let superuser do the clean up.
-            // remove testuser from u-admin group again.
-            if (uAdministrators != null) {
-                uAdministrators.removeMember(userMgr.getAuthorizable(uID));
-            }
+            gr.removeMember(pU);
+            save(uSession);
         }
     }
 
@@ -316,16 +328,20 @@
 
     public void testAddOwnAuthorizableToForeignGroup() throws RepositoryException, NotExecutableException {
         UserManager umgr = getUserManager(uSession);
+        Authorizable self = umgr.getAuthorizable(uID);
 
-        Authorizable user = umgr.getAuthorizable(uID);
-        Group uadminGr = (Group) umgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
-        if (uadminGr.isMember(user)) {
-            throw new RepositoryException("Test user is already member -> cannot execute.");
-        }
+        Group gr = userMgr.createGroup(getTestPrincipal());
+        save(superuser);
 
-        String msg = "GroupAdmin must be able to add its own authorizable to a group she/he is not yet member of.";
-        assertTrue(msg, uadminGr.addMember(user));
-        assertTrue(msg, uadminGr.removeMember(user));
+        try {
+            assertTrue(((Group) umgr.getAuthorizable(gr.getID())).addMember(self));
+            save(uSession);
+            assertTrue(((Group) umgr.getAuthorizable(gr.getID())).removeMember(self));
+            save(uSession);
+        } finally {
+            gr.remove();
+            save(superuser);
+        }
     }
 
     public void testRemoveMembersOfForeignGroup() throws RepositoryException, NotExecutableException {
@@ -336,24 +352,32 @@
         try {
             // let superuser create a group and a user a make user member of group
             nGr = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
+
             Principal p = getTestPrincipal();
             nUs = userMgr.createUser(p.getName(), buildPassword(p));
+            save(superuser);
+
             p = getTestPrincipal();
             nUs2 = userMgr.createUser(p.getName(), buildPassword(p));
+            save(superuser);
             nGr.addMember(nUs);
             nGr.addMember(nUs2);
+            save(superuser);
 
-            Group gr = (Group) getUserManager(uSession).getAuthorizable(nGr.getID());
+            UserManager umgr = getUserManager(uSession);
+            Group gr = (Group) umgr.getAuthorizable(nGr.getID());
 
             // removing any member must fail unless the testuser is user-admin
-            Iterator it = gr.getMembers();
+            Iterator<Authorizable> it = gr.getMembers();
             if (it.hasNext()) {
-                Authorizable auth = (Authorizable) it.next();
+                Authorizable auth = it.next();
 
-                String msg = "GroupAdmin cannot remove members of other user unless he/she is user-admin.";
-                assertFalse(msg, gr.removeMember(auth));
+                String msg = "GroupAdmin must be able to modify group membership.";
+                assertTrue(msg, gr.removeMember(auth));
+                save(uSession);
             } else {
-                throw new RepositoryException("Must contain members....");
+                fail("Must contain members....");
             }
 
         } catch (AccessDeniedException e) {
@@ -367,6 +391,7 @@
             }
             if (nUs != null) nUs.remove();
             if (nUs2 != null) nUs2.remove();
+            save(superuser);
         }
     }
 
@@ -377,19 +402,23 @@
         try {
             // let superuser create a group and a user a make user member of group
             nGr = userMgr.createGroup(getTestPrincipal());
+            save(superuser);
             Principal p = getTestPrincipal();
             nUs = userMgr.createUser(p.getName(), buildPassword(p));
             nGr.addMember(nUs);
+            save(superuser);
 
-            Group gr = (Group) getUserManager(uSession).getAuthorizable(nGr.getID());
+            UserManager umgr = getUserManager(uSession);
+            Group gr = (Group) umgr.getAuthorizable(nGr.getID());
 
             // since only 1 single member -> removal rather than modification.
             // since uSession is not user-admin this must fail.
-            for (Iterator it = gr.getMembers(); it.hasNext();) {
-                Authorizable auth = (Authorizable) it.next();
+            for (Iterator<Authorizable> it = gr.getMembers(); it.hasNext();) {
+                Authorizable auth = it.next();
 
-                String msg = "GroupAdmin cannot remove members of groups unless he/she is UserAdmin.";
-                assertFalse(msg, gr.removeMember(auth));
+                String msg = "GroupAdmin must be able to remove a member of another group.";
+                assertTrue(msg, gr.removeMember(auth));
+                save(uSession);
             }
         } catch (AccessDeniedException e) {
             // fine as well.
@@ -398,6 +427,7 @@
             if (nGr != null && nUs != null) nGr.removeMember(nUs);
             if (nGr != null) nGr.remove();
             if (nUs != null) nUs.remove();
+            save(superuser);
         }
     }
 
@@ -410,6 +440,7 @@
         assertFalse(impers.allows(buildSubject(selfPrinc)));
         try {
             assertFalse(impers.grantImpersonation(selfPrinc));
+            save(uSession);
         } catch (AccessDeniedException e) {
             // ok.
         }
@@ -420,6 +451,7 @@
         assertFalse(impers.allows(buildSubject(selfPrinc)));
         try {
             assertFalse(impers.grantImpersonation(selfPrinc));
+            save(uSession);
         } catch (AccessDeniedException e) {
             // ok.
         }
@@ -432,14 +464,32 @@
         try {
             Principal p = getTestPrincipal();
             gr = umgr.createGroup(p);
+            save(uSession);
 
+            // must be visible for the user-mgr attached to another session.
             Authorizable az = userMgr.getAuthorizable(gr.getID());
             assertNotNull(az);
             assertEquals(gr.getID(), az.getID());
         } finally {
             if (gr != null) {
                 gr.remove();
+                save(uSession);
             }
         }
     }
+
+    public void testAddCustomNodeToGroupAdminNode() throws RepositoryException, NotExecutableException {
+        UserManager umgr = getUserManager(uSession);
+        Node groupAdminNode = ((AuthorizableImpl) umgr.getAuthorizable(grID)).getNode();
+        Session s = groupAdminNode.getSession();
+
+        Node n = groupAdminNode.addNode(nodeName1, ntUnstructured);
+        save(uSession);
+
+        n.setProperty(propertyName1, s.getValueFactory().createValue("anyValue"));
+        save(uSession);
+
+        n.remove();
+        save(uSession);
+    }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/ImpersonationImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/ImpersonationImplTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/ImpersonationImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/ImpersonationImplTest.java Thu Oct 22 17:26:37 2009
@@ -20,6 +20,7 @@
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.api.security.user.Impersonation;
 import org.apache.jackrabbit.test.NotExecutableException;
 
 import javax.jcr.AccessDeniedException;
@@ -48,7 +49,10 @@
         Principal p = getTestPrincipal();
         String pw = buildPassword(p);
         creds = buildCredentials(p.getName(), pw);
+
         UserImpl u = (UserImpl) userMgr.createUser(p.getName(), pw);
+        save(superuser);
+
         uID = u.getID();
         uSession = getHelper().getRepository().login(creds);
         uMgr = getUserManager(uSession);
@@ -56,7 +60,10 @@
         // create a second user 'below' the first user.
         p = getTestPrincipal();
         pw = buildPassword(p);
+        
         User u2 = userMgr.createUser(p.getName(), pw);
+        save(superuser);
+        
         otherUID = u2.getID();
     }
 
@@ -65,9 +72,14 @@
             uSession.logout();
         } finally {
             Authorizable a = userMgr.getAuthorizable(uID);
-            if (a != null) a.remove();
+            if (a != null) {
+                a.remove();
+            }
             a = userMgr.getAuthorizable(otherUID);
-            if (a != null) a.remove();
+            if (a != null) {
+                a.remove();
+            }
+            save(superuser);
         }
         super.tearDown();
     }
@@ -75,12 +87,24 @@
     public void testModifyOwnImpersonation() throws RepositoryException, NotExecutableException {
         User u = (User) uMgr.getAuthorizable(uID);
 
+        if (!uSession.hasPermission(((UserImpl) u).getNode().getPath(), "set_property")) {
+            throw new NotExecutableException("Users should be able to modify their properties -> Check repository config.");
+        }
+
         Principal otherP = uMgr.getAuthorizable(otherUID).getPrincipal();
 
-        assertTrue(u.getImpersonation().grantImpersonation(otherP));
-        assertTrue(u.getImpersonation().allows(buildSubject(otherP)));
-        assertTrue(u.getImpersonation().revokeImpersonation(otherP));
-        assertFalse(u.getImpersonation().allows(buildSubject(otherP)));
+        Impersonation impers = u.getImpersonation();
+        assertFalse(impers.allows(buildSubject(otherP)));
+
+        assertTrue(impers.grantImpersonation(otherP));
+        save(uSession);
+
+        assertTrue(impers.allows(buildSubject(otherP)));
+
+        assertTrue(impers.revokeImpersonation(otherP));
+        save(uSession);
+
+        assertFalse(impers.allows(buildSubject(otherP)));
     }
 
     public void testModifyOthersImpersonators() throws RepositoryException {
@@ -89,6 +113,7 @@
         User other = (User) uMgr.getAuthorizable(otherUID);
         try {
             boolean success = other.getImpersonation().grantImpersonation(p);
+            // omit save call
             assertFalse("A simple user may not add itself as impersonator to another user.",success);
         } catch (AccessDeniedException e) {
             // fine as well -> access denied.

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IndexNodeResolverTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IndexNodeResolverTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IndexNodeResolverTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IndexNodeResolverTest.java Thu Oct 22 17:26:37 2009
@@ -23,7 +23,6 @@
 import org.slf4j.LoggerFactory;
 
 import javax.jcr.RepositoryException;
-import javax.jcr.Session;
 import javax.jcr.Value;
 import javax.jcr.NodeIterator;
 
@@ -32,11 +31,8 @@
 
     private static Logger log = LoggerFactory.getLogger(IndexNodeResolver.class);
 
-    protected NodeResolver createNodeResolver(Session session) throws RepositoryException, NotExecutableException {
-        if (!(session instanceof SessionImpl)) {
-            throw new NotExecutableException();
-        }
-        return new IndexNodeResolver(session, (SessionImpl) session);
+    protected NodeResolver createNodeResolver(SessionImpl session) throws RepositoryException, NotExecutableException {
+        return new IndexNodeResolver(session, session);
     }
 
 
@@ -48,9 +44,10 @@
      * @throws RepositoryException
      */
     public void testFindNodesNonExact() throws NotExecutableException, RepositoryException {
-        UserImpl currentUser = getCurrentUser(superuser);
+        UserImpl currentUser = getCurrentUser();
         Value vs = superuser.getValueFactory().createValue("value \\, containing backslash");
         currentUser.setProperty(propertyName1, vs);
+        save();
 
         Name propName = ((SessionImpl) superuser).getQName(propertyName1);
         try {
@@ -62,6 +59,7 @@
             assertFalse("expected no more results", result.hasNext());
         } finally {
             currentUser.removeProperty(propertyName1);
+            save();
         }
     }
 }
\ No newline at end of file

Copied: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeCreationTest.java (from r818472, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IdResolverTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeCreationTest.java?p2=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeCreationTest.java&p1=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IdResolverTest.java&r1=818472&r2=828791&rev=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/IdResolverTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeCreationTest.java Thu Oct 22 17:26:37 2009
@@ -25,6 +25,7 @@
 import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.core.security.TestPrincipal;
 import org.apache.jackrabbit.util.Text;
+import org.apache.jackrabbit.test.NotExecutableException;
 import org.apache.commons.collections.map.ListOrderedMap;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -38,23 +39,29 @@
 /**
  * <code>IdResolverTest</code>...
  */
-public class IdResolverTest extends AbstractUserTest {
+public class NodeCreationTest extends AbstractUserTest {
 
     /**
      * logger instance
      */
-    private static final Logger log = LoggerFactory.getLogger(IdResolverTest.class);
+    private static final Logger log = LoggerFactory.getLogger(NodeCreationTest.class);
 
     private SessionImpl s;
     private UserManagerImpl uMgr;
     private List<NodeImpl> toRemove = new ArrayList();
 
+    private String usersPath;
+    private String groupsPath;
+
     @Override
     protected void setUp() throws Exception {
         super.setUp();
         
         String workspaceName = ((RepositoryImpl) superuser.getRepository()).getConfig().getSecurityConfig().getSecurityManagerConfig().getWorkspaceName();
         s = (SessionImpl) ((SessionImpl) superuser).createSession(workspaceName);
+
+        usersPath = ((UserManagerImpl) userMgr).getUsersPath();
+        groupsPath = ((UserManagerImpl) userMgr).getGroupsPath();
     }
 
     @Override
@@ -62,6 +69,7 @@
         try {
             for (NodeImpl node : toRemove) {
                 uMgr.removeProtectedItem(node, node.getParent());
+                save(s);
             }
         } finally {
             s.logout();
@@ -74,29 +82,36 @@
         props.put(UserManagerImpl.PARAM_DEFAULT_DEPTH, depth);
         props.put(UserManagerImpl.PARAM_AUTO_EXPAND_TREE, expandTree);
         props.put(UserManagerImpl.PARAM_AUTO_EXPAND_SIZE, size);
+        props.put(UserManagerImpl.PARAM_GROUPS_PATH, groupsPath);
+        props.put(UserManagerImpl.PARAM_USERS_PATH, usersPath);
 
         uMgr = new UserManagerImpl(s, "admin", props);
     }
 
 
-    public void testRemoveTree() throws RepositoryException {
+    public void testRemoveTree() throws RepositoryException, NotExecutableException {
         UserImpl u = (UserImpl) userMgr.createUser("z", "z");
+        save(superuser);
         UserImpl u2 = (UserImpl) userMgr.createUser("zz", "zz");
+        save(superuser);
 
-        assertEquals(UserConstants.USERS_PATH + "/z/zz/z", u.getNode().getPath());
+        assertEquals(usersPath + "/z/zz/z", u.getNode().getPath());
 
         try {
             NodeImpl folder = (NodeImpl) u.getNode().getParent().getParent();
             ((UserManagerImpl) userMgr).removeProtectedItem(folder, folder.getParent());
+            save(superuser);
         } finally {
             boolean fail = false;
             if (userMgr.getAuthorizable("z") != null) {
                 fail = true;
                 u.remove();
+                save(superuser);
             }
             if (userMgr.getAuthorizable("zz") != null) {
                 fail = true;
                 u2.remove();
+                save(superuser);
             }
             if (fail) {
                 fail("Removing the top authorizable folder must remove all users contained.");
@@ -107,20 +122,20 @@
     /**
      * If auto-expand is false all users must be created on the second level.
      */
-    public void testDefault() throws RepositoryException {
+    public void testDefault() throws RepositoryException, NotExecutableException {
         createUserManager(2, false, 1);
 
         UserImpl u = (UserImpl) uMgr.createUser("z", "z");
+        save(s);
+
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) u.getNode().getParent().getParent());
-        assertEquals(UserConstants.USERS_PATH + "/z/zz/z", u.getNode().getPath());
+        assertEquals(usersPath + "/z/zz/z", u.getNode().getPath());
 
         Map<String, String> m = new ListOrderedMap();
         m.put("zz",     "/z/zz/zz");
         m.put("zzz",    "/z/zz/zzz");
         m.put("zzzz",   "/z/zz/zzzz");
-        m.put("zZ",     "/z/zZ/zZ");
-        m.put("zH",     "/z/zH/zH");
         m.put("zh",     "/z/zh/zh");
         m.put("zHzh",   "/z/zH/zHzh");
         m.put("z_Hz",   "/z/z_/z_Hz");
@@ -128,7 +143,8 @@
 
         for (String uid : m.keySet()) {
             u = (UserImpl) uMgr.createUser(uid, uid);
-            assertEquals(UserConstants.USERS_PATH + m.get(uid), u.getNode().getPath());
+            save(s);
+            assertEquals(usersPath + m.get(uid), u.getNode().getPath());
         }
     }
 
@@ -137,46 +153,48 @@
      * 
      * @throws RepositoryException
      */
-    public void testChangedDefaultLevel() throws RepositoryException {
+    public void testChangedDefaultLevel() throws RepositoryException, NotExecutableException {
         createUserManager(3, false, 1);
 
         UserImpl u = (UserImpl) uMgr.createUser("z", "z");
+        save(s);
+
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) u.getNode().getParent().getParent().getParent());
-        assertEquals(UserConstants.USERS_PATH + "/z/zz/zzz/z", u.getNode().getPath());
+        assertEquals(usersPath + "/z/zz/zzz/z", u.getNode().getPath());
 
         Map<String, String> m = new ListOrderedMap();
         m.put("zz",     "/z/zz/zzz/zz");
         m.put("zzz",    "/z/zz/zzz/zzz");
         m.put("zzzz",   "/z/zz/zzz/zzzz");
-        m.put("zZ",     "/z/zZ/zZZ/zZ");
         m.put("zH",     "/z/zH/zHH/zH");
-        m.put("zh",     "/z/zh/zhh/zh");
         m.put("zHzh",   "/z/zH/zHz/zHzh");
         m.put("z_Hz",   "/z/z_/z_H/z_Hz");
         m.put("zŸrich", "/z/zŸ/zŸr/zŸrich");
 
         for (String uid : m.keySet()) {
             u = (UserImpl) uMgr.createUser(uid, uid);
-            assertEquals(UserConstants.USERS_PATH + m.get(uid), u.getNode().getPath());
+            save(s);
+
+            assertEquals(usersPath + m.get(uid), u.getNode().getPath());
 
             Authorizable az = uMgr.getAuthorizable(uid);
             assertNotNull(az);
         }
     }
 
-    public void testIllegalChars() throws RepositoryException {
+    public void testIllegalChars() throws RepositoryException, NotExecutableException {
         createUserManager(2, true, 2);
 
         UserImpl u = (UserImpl) uMgr.createUser("z", "z");
+        save(s);
+
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) u.getNode().getParent().getParent());
 
         String zu = Text.escapeIllegalJcrChars("z*");
         String zur = Text.escapeIllegalJcrChars("z*r");
 
-        String zuri = Text.escapeIllegalJcrChars("z*.r.i");
-
         Map<String, String> m = new ListOrderedMap();
         // test illegal JCR chars in uid
         // on level 2
@@ -189,7 +207,8 @@
 
         for (String uid : m.keySet()) {
             u = (UserImpl) uMgr.createUser(uid, uid);
-            assertEquals(UserConstants.USERS_PATH + m.get(uid), u.getNode().getPath());
+            save(s);
+            assertEquals(usersPath + m.get(uid), u.getNode().getPath());
 
             Authorizable ath = uMgr.getAuthorizable(uid);
             assertNotNull("User with id " + uid + " must exist.", ath);
@@ -198,11 +217,12 @@
 
         // test for groups as well
         GroupImpl gr = (GroupImpl) uMgr.createGroup(new TestPrincipal("z[x]"));
+        save(s);
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) gr.getNode().getParent().getParent());
 
         assertEquals("z[x]", gr.getID());
-        String expectedPath = UserConstants.GROUPS_PATH + "/z/" + Text.escapeIllegalJcrChars("z[") + "/" + Text.escapeIllegalJcrChars("z[x]");
+        String expectedPath = groupsPath + "/z/" + Text.escapeIllegalJcrChars("z[") + "/" + Text.escapeIllegalJcrChars("z[x]");
         assertEquals(expectedPath, gr.getNode().getPath());
 
         Authorizable ath = uMgr.getAuthorizable(gr.getID());
@@ -212,6 +232,7 @@
         // test if conflicting authorizables are detected.
         try {
             uMgr.createUser("z[x]", "z[x]");
+            save(s);
             fail("A group \"z[x]\" already exists.");
         } catch (AuthorizableExistsException e) {
             // success
@@ -219,6 +240,7 @@
 
         try {
             uMgr.createGroup(new TestPrincipal("z*rik"));
+            save(s);
             fail("A user \"z*rik\" already exists");
         } catch (AuthorizableExistsException e) {
             // success
@@ -232,13 +254,15 @@
      *
      * @throws RepositoryException
      */
-    public void testAutoExpand() throws RepositoryException {
+    public void testAutoExpand() throws RepositoryException, NotExecutableException {
         createUserManager(2, true, 5);
 
         UserImpl u = (UserImpl) uMgr.createUser("z", "z");
+        save(s);
+
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) u.getNode().getParent().getParent());
-        assertEquals(UserConstants.USERS_PATH + "/z/zz/z", u.getNode().getPath());
+        assertEquals(usersPath + "/z/zz/z", u.getNode().getPath());
 
         Map<String, String> m = new ListOrderedMap();
         m.put("zz", "/z/zz/zz");
@@ -265,7 +289,8 @@
 
         for (String uid : m.keySet()) {
             u = (UserImpl) uMgr.createUser(uid, uid);
-            assertEquals(UserConstants.USERS_PATH + m.get(uid), u.getNode().getPath());
+            save(s);
+            assertEquals(usersPath + m.get(uid), u.getNode().getPath());
         }
     }
 
@@ -277,14 +302,16 @@
      *  
      * @throws RepositoryException
      */
-    public void testConflictUponChangingAutoExpandFlag() throws RepositoryException {
+    public void testConflictUponChangingAutoExpandFlag() throws RepositoryException, NotExecutableException {
         createUserManager(2, false, 1);
 
         UserImpl u = (UserImpl) uMgr.createUser("zzz", "zzz");
+        save(s);
+
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) u.getNode().getParent().getParent());
 
-        assertEquals(UserConstants.USERS_PATH + "/z/zz/zzz", u.getNode().getPath());
+        assertEquals(usersPath + "/z/zz/zzz", u.getNode().getPath());
 
         // now create a second user manager that has auto-expand-tree enabled
         createUserManager(2, true, 1);
@@ -307,7 +334,9 @@
 
         for (String uid : m.keySet()) {
             u = (UserImpl) uMgr.createUser(uid, uid);
-            assertEquals(UserConstants.USERS_PATH + m.get(uid), u.getNode().getPath());
+            save(s);
+
+            assertEquals(usersPath + m.get(uid), u.getNode().getPath());
             assertNotNull(uMgr.getAuthorizable(uid));
         }
     }
@@ -317,13 +346,15 @@
      * 
      * @throws RepositoryException
      */
-    public void testFindById() throws RepositoryException {
+    public void testFindById() throws RepositoryException, NotExecutableException {
         createUserManager(2, true, 2);
 
         UserImpl u = (UserImpl) uMgr.createUser("z", "z");
+        save(s);
+
         // remember the z-folder for later removal
         toRemove.add((NodeImpl) u.getNode().getParent().getParent());
-        assertEquals(UserConstants.USERS_PATH + "/z/zz/z", u.getNode().getPath());
+        assertEquals(usersPath + "/z/zz/z", u.getNode().getPath());
 
         Map<String, String> m = new ListOrderedMap();
         // potential conflicting uid
@@ -336,11 +367,42 @@
 
         for (String uid : m.keySet()) {
             u = (UserImpl) uMgr.createUser(uid, uid);
-            assertEquals(UserConstants.USERS_PATH + m.get(uid), u.getNode().getPath());
+            save(s);
+
+            assertEquals(usersPath + m.get(uid), u.getNode().getPath());
 
             User us = (User) uMgr.getAuthorizable(uid);
             assertNotNull(us);
             assertEquals(uid, us.getID());
         }
     }
+
+    public void testIdIsCaseSensitive() throws RepositoryException, NotExecutableException {
+        createUserManager(2, true, 2);
+
+        UserImpl u = (UserImpl) uMgr.createUser("ZuRiCh", "z");
+        save(s);
+
+        // remember the z-folder for later removal
+        toRemove.add((NodeImpl) u.getNode().getParent().getParent());
+
+        assertEquals("ZuRiCh", u.getID());
+    }
+
+    public void testUUIDIsBuildCaseInsensitive() throws RepositoryException, NotExecutableException {
+        createUserManager(2, true, 2);
+
+        UserImpl u = (UserImpl) uMgr.createUser("ZuRiCh", "z");
+        save(s);
+
+        // remember the z-folder for later removal
+        toRemove.add((NodeImpl) u.getNode().getParent().getParent());
+
+        try {
+            User u2 = uMgr.createUser("zurich", "z");
+            fail("uuid is built from insensitive userID -> must conflict");
+        } catch (AuthorizableExistsException e) {
+            // success
+        }
+    }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeResolverTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeResolverTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeResolverTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NodeResolverTest.java Thu Oct 22 17:26:37 2009
@@ -19,12 +19,14 @@
 import org.apache.jackrabbit.api.JackrabbitSession;
 import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.spi.Name;
 import org.apache.jackrabbit.spi.commons.name.NameConstants;
 import org.apache.jackrabbit.spi.commons.name.NameFactoryImpl;
 import org.apache.jackrabbit.test.AbstractJCRTest;
 import org.apache.jackrabbit.test.NotExecutableException;
+import org.apache.jackrabbit.util.Text;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -41,37 +43,68 @@
     private static Logger log = LoggerFactory.getLogger(NodeResolverTest.class);
 
     NodeResolver nodeResolver;
+    UserManager umgr;
+    String usersPath = UserConstants.USERS_PATH;
+    String groupsPath = UserConstants.GROUPS_PATH;
+    String authorizablesPath = UserConstants.AUTHORIZABLES_PATH;
 
     protected void setUp() throws Exception {
         super.setUp();
 
         nodeResolver = createNodeResolver(superuser);
-    }
-
-    protected static UserImpl getCurrentUser(Session session) throws NotExecutableException, RepositoryException {
-        if (!(session instanceof JackrabbitSession)) {
+        if (!(superuser instanceof JackrabbitSession)) {
             throw new NotExecutableException();
         }
-        try {
-            UserManager uMgr = ((JackrabbitSession) session).getUserManager();
-            String uid = session.getUserID();
-            if (uid != null) {
-                Authorizable auth = uMgr.getAuthorizable(session.getUserID());
-                if (auth != null && auth instanceof UserImpl) {
-                    return (UserImpl) auth;
-                }
+
+        umgr = ((JackrabbitSession) superuser).getUserManager();
+        if (umgr instanceof UserManagerImpl) {
+            UserManagerImpl uImpl = (UserManagerImpl) umgr;
+            usersPath = uImpl.getUsersPath();
+            groupsPath = uImpl.getGroupsPath();
+
+            authorizablesPath = usersPath;
+            while (!Text.isDescendant(authorizablesPath, groupsPath)) {
+                authorizablesPath = Text.getRelativeParent(authorizablesPath, 1);
+            }
+        }
+    }
+
+    protected UserImpl getCurrentUser() throws NotExecutableException, RepositoryException {
+        String uid = superuser.getUserID();
+        if (uid != null) {
+            Authorizable auth = umgr.getAuthorizable(uid);
+            if (auth != null && auth instanceof UserImpl) {
+                return (UserImpl) auth;
             }
-        } catch (RepositoryException e) {
-            // ignore
         }
         // unable to retrieve current user
         throw new NotExecutableException();
     }
 
-    protected abstract NodeResolver createNodeResolver(Session session) throws RepositoryException, NotExecutableException;
+    protected void save() throws RepositoryException {
+        if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
+            superuser.save();
+        }
+    }
+
+    protected abstract NodeResolver createNodeResolver(SessionImpl session) throws RepositoryException, NotExecutableException;
+
+    protected NodeResolver createNodeResolver(Session session) throws NotExecutableException, RepositoryException {
+        if (!(session instanceof SessionImpl)) {
+            throw new NotExecutableException();
+        }
+
+        NodeResolver resolver = createNodeResolver((SessionImpl) session);
+        UserManager umr = ((SessionImpl) session).getUserManager();
+        if (umr instanceof UserManagerImpl) {
+            UserManagerImpl uImpl = (UserManagerImpl) umr;
+            resolver.setSearchRoots(uImpl.getUsersPath(), uImpl.getGroupsPath());
+        }
+        return resolver;
+    }
 
     public void testFindNode() throws NotExecutableException, RepositoryException {
-        UserImpl currentUser = getCurrentUser(superuser);
+        UserImpl currentUser = getCurrentUser();
 
         NodeResolver nr = createNodeResolver(currentUser.getNode().getSession());
 
@@ -86,7 +119,7 @@
         result = nr.findNode(currentUser.getNode().getQName(), UserConstants.NT_REP_GROUP);
         assertNull(result);
 
-        Iterator it = currentUser.memberOf();
+        Iterator<Group> it = currentUser.memberOf();
         while (it.hasNext()) {
             GroupImpl gr = (GroupImpl) it.next();
 
@@ -104,7 +137,7 @@
     }
 
     public void testFindNodeByPrincipalName() throws NotExecutableException, RepositoryException {
-        UserImpl currentUser = getCurrentUser(superuser);
+        UserImpl currentUser = getCurrentUser();
 
         NodeResolver nr = createNodeResolver(currentUser.getNode().getSession());
 
@@ -112,7 +145,7 @@
         assertNotNull(result);
         assertTrue(currentUser.getNode().isSame(result));
 
-        Iterator it = currentUser.memberOf();
+        Iterator<Group> it = currentUser.memberOf();
         while (it.hasNext()) {
             GroupImpl gr = (GroupImpl) it.next();
 
@@ -126,13 +159,14 @@
     }
 
     public void testFindNodeByMultiValueProp() throws NotExecutableException, RepositoryException {
-        UserImpl currentUser = getCurrentUser(superuser);
+        UserImpl currentUser = getCurrentUser();
 
         Value[] vs = new Value[] {
                 superuser.getValueFactory().createValue("blub"),
                 superuser.getValueFactory().createValue("blib")
         };
         currentUser.setProperty(propertyName1, vs);
+        save();
 
         NodeResolver nr = createNodeResolver(currentUser.getNode().getSession());
 
@@ -142,6 +176,7 @@
         assertTrue(currentUser.getNode().isSame(result));
 
         currentUser.removeProperty(propertyName1);
+        save();
     }
 
     public void testFindNodeWithNonExistingSearchRoot() throws NotExecutableException, RepositoryException {
@@ -161,14 +196,17 @@
                 superuser.getValueFactory().createValue("blib")
         };
 
-        UserImpl currentUser = getCurrentUser(superuser);
+        UserImpl currentUser = getCurrentUser();
         currentUser.setProperty(propertyName1, vs);
 
-        Iterator it = currentUser.memberOf();
+        int expResultSize = 1;
+        Iterator<Group> it = currentUser.memberOf();
         while (it.hasNext()) {
             GroupImpl gr = (GroupImpl) it.next();
             gr.setProperty(propertyName1, vs);
+            expResultSize++;
         }
+        save();
 
         Name propName = ((SessionImpl) superuser).getQName(propertyName1);
 
@@ -181,7 +219,7 @@
             assertFalse("expected no more results", result.hasNext());
 
             result = nr.findNodes(propName, "blub", UserConstants.NT_REP_AUTHORIZABLE, false);
-            assertTrue(getSize(result) > 1);
+            assertEquals(expResultSize, getSize(result));
 
         } finally {
             currentUser.removeProperty(propertyName1);
@@ -190,6 +228,7 @@
                 GroupImpl gr = (GroupImpl) it.next();
                 gr.removeProperty(propertyName1);
             }
+            save();
         }
     }
 
@@ -207,25 +246,25 @@
     public void testGetSearchRoot() {
         String searchRoot = nodeResolver.getSearchRoot(UserConstants.NT_REP_AUTHORIZABLE);
         assertNotNull(searchRoot);
-        assertEquals(UserConstants.AUTHORIZABLES_PATH, searchRoot);
+        assertEquals(authorizablesPath, searchRoot);
 
         searchRoot = nodeResolver.getSearchRoot(UserConstants.NT_REP_GROUP);
         assertNotNull(searchRoot);
-        assertEquals(UserConstants.GROUPS_PATH, searchRoot);
+        assertEquals(groupsPath, searchRoot);
 
         searchRoot = nodeResolver.getSearchRoot(UserConstants.NT_REP_USER);
         assertNotNull(searchRoot);
-        assertEquals(UserConstants.USERS_PATH, searchRoot);
+        assertEquals(usersPath, searchRoot);
     }
 
     public void testGetSearchRootDefault() {
         String searchRoot = nodeResolver.getSearchRoot(UserConstants.NT_REP_AUTHORIZABLE_FOLDER);
         assertNotNull(searchRoot);
-        assertEquals(UserConstants.AUTHORIZABLES_PATH, searchRoot);
+        assertEquals(authorizablesPath, searchRoot);
 
         searchRoot = nodeResolver.getSearchRoot(NameConstants.NT_UNSTRUCTURED);
         assertNotNull(searchRoot);
-        assertEquals(UserConstants.AUTHORIZABLES_PATH, searchRoot);
+        assertEquals(authorizablesPath, searchRoot);
     }
 
     public void testGetNamePathResolver() {

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NotUserAdministratorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NotUserAdministratorTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NotUserAdministratorTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/NotUserAdministratorTest.java Thu Oct 22 17:26:37 2009
@@ -49,7 +49,10 @@
         // created for that new user.
         Principal p = getTestPrincipal();
         String pw = buildPassword(p);
+
         UserImpl u = (UserImpl) userMgr.createUser(p.getName(), pw);
+        save(superuser);
+        
         uID = u.getID();
 
         // create a session for the other user.
@@ -66,15 +69,18 @@
             Authorizable a = userMgr.getAuthorizable(uID);
             if (a != null) {
                 a.remove();
+                save(superuser);
             }
         }
         super.tearDown();
     }
 
-    public void testCreateUser() {
+    public void testCreateUser() throws NotExecutableException {
         try {
             Principal p = getTestPrincipal();
             User u = uMgr.createUser(p.getName(), buildPassword(p));
+            save(uSession);
+
             fail("A non-UserAdmin should not be allowed to create a new User.");
 
             // clean-up: let superuser remove the user created by fault.
@@ -87,10 +93,12 @@
         }
     }
 
-    public void testCreateUserWithItermediatePath() {
+    public void testCreateUserWithItermediatePath() throws NotExecutableException {
         try {
             Principal p = getTestPrincipal();
             User u = uMgr.createUser(p.getName(), buildPassword(p), p, "/any/intermediate/path");
+            save(uSession);
+
             fail("A non-UserAdmin should not be allowed to create a new User.");
 
             // clean-up: let superuser remove the user created by fault.
@@ -103,101 +111,96 @@
         }
     }
 
-    public void testRemoveOwnAuthorizable() throws RepositoryException {
+    public void testRemoveOwnAuthorizable() throws RepositoryException, NotExecutableException {
         Authorizable himself = uMgr.getAuthorizable(uID);
         try {
             himself.remove();
+            save(uSession);
+
             fail("A user should not be allowed to remove him/herself.");
         } catch (AccessDeniedException e) {
             // success
         }
     }
 
-    public void testRemoveChildUser() throws RepositoryException {
-        // let superuser create a child-user.
+    public void testRemoveUser() throws RepositoryException, NotExecutableException {
+        // let superuser create another user.
         Principal p = getTestPrincipal();
-        String childID = userMgr.createUser(p.getName(), buildPassword(p)).getID();
+        String user2ID = userMgr.createUser(p.getName(), buildPassword(p)).getID();
+        save(superuser);
+
         try {
-            Authorizable a = uMgr.getAuthorizable(childID);
+            Authorizable a = uMgr.getAuthorizable(user2ID);
             a.remove();
-            fail("A non-administrator user should not be allowed to remove a child-user.");
+            save(uSession);
+
+            fail("A non-administrator user should not be allowed to remove another user.");
         } catch (AccessDeniedException e) {
             // success
         }
 
         // let superuser do clean up.
-        Authorizable child = userMgr.getAuthorizable(childID);
-        if (child != null) {
-            child.remove();
+        Authorizable user2 = userMgr.getAuthorizable(user2ID);
+        if (user2 != null) {
+            user2.remove();
+            save(superuser);
         }
     }
 
-    public void testRemoveOtherUser() throws RepositoryException {
-        // let superuser create a child-user.
+    public void testRemoveOtherUser() throws RepositoryException, NotExecutableException {
+        // let superuser create another user.
         Principal p = getTestPrincipal();
-        String childID = userMgr.createUser(p.getName(), buildPassword(p), p, "/any/intermediate/path").getID();
+        String user2ID = userMgr.createUser(p.getName(), buildPassword(p), p, "/any/intermediate/path").getID();
+        save(superuser);
+
         try {
-            Authorizable a = uMgr.getAuthorizable(childID);
+            Authorizable a = uMgr.getAuthorizable(user2ID);
             a.remove();
+            save(uSession);
+
             fail("A non-administrator user should not be allowed to remove another user.");
         } catch (AccessDeniedException e) {
             // success
         }
 
         // let superuser do clean up.
-        Authorizable child = userMgr.getAuthorizable(childID);
-        if (child != null) {
-            child.remove();
+        Authorizable user2 = userMgr.getAuthorizable(user2ID);
+        if (user2 != null) {
+            user2.remove();
+            save(superuser);
         }
     }
 
-    public void testModifyImpersonation() throws RepositoryException {
-        // let superuser create a child-user.
+    public void testModifyImpersonationOfAnotherUser() throws RepositoryException, NotExecutableException {
+        // let superuser create another user.
         Principal p = getTestPrincipal();
-        Authorizable child = userMgr.createUser(p.getName(), buildPassword(p));
-        try {
-            p = child.getPrincipal();
-
-            Authorizable himself = uMgr.getAuthorizable(uID);
-            Impersonation impers = ((User) himself).getImpersonation();
+        String user2ID = userMgr.createUser(p.getName(), buildPassword(p)).getID();
+        save(superuser);
 
-            assertFalse(impers.allows(buildSubject(p)));
-            assertTrue(impers.grantImpersonation(p));
-            assertTrue(impers.allows(buildSubject(p)));
-            assertTrue(impers.revokeImpersonation(p));
-            assertFalse(impers.allows(buildSubject(p)));
-
-        } finally {
-            // let superuser do clean up.
-            child.remove();
-        }
-    }
-
-    public void testModifyImpersonationOfChildUser() throws RepositoryException {
-        // let superuser create a child-user.
-        Principal p = getTestPrincipal();
-        String childID = userMgr.createUser(p.getName(), buildPassword(p)).getID();
         try {
-            Authorizable child = uMgr.getAuthorizable(childID);
+            Authorizable a = uMgr.getAuthorizable(user2ID);
 
-            Impersonation impers = ((User) child).getImpersonation();
+            Impersonation impers = ((User) a).getImpersonation();
             Principal himselfP = uMgr.getAuthorizable(uID).getPrincipal();
             assertFalse(impers.allows(buildSubject(himselfP)));
             impers.grantImpersonation(himselfP);
-            fail("A non-administrator user should not be allowed modify Impersonation of a child user.");
+            save(uSession);
+
+            fail("A non-administrator user should not be allowed modify Impersonation of another user.");
         } catch (AccessDeniedException e) {
             // success
         }
 
         // let superuser do clean up.
-        Authorizable child = userMgr.getAuthorizable(childID);
-        if (child != null) {
-            child.remove();
+        Authorizable user2 = userMgr.getAuthorizable(user2ID);
+        if (user2 != null) {
+            user2.remove();
+            save(superuser);
         }
     }
 
     public void testAddToGroup() throws NotExecutableException, RepositoryException {
-        Authorizable auth = userMgr.getAuthorizable(SecurityConstants.ADMINISTRATORS_NAME);
+        Authorizable auth = uMgr.getAuthorizable(SecurityConstants.ADMINISTRATORS_NAME);
         if (auth == null || !auth.isGroup()) {
             throw new NotExecutableException("Couldn't find 'administrators' group");
         }
@@ -206,10 +209,15 @@
         try {
             auth = uMgr.getAuthorizable(uID);
             gr.addMember(auth);
+            save(uSession);
+
             fail("a common user should not be allowed to modify any groups.");
-            gr.removeMember(auth);
         } catch (AccessDeniedException e) {
             // success
+        } finally {
+            if (gr.removeMember(auth)) {
+                save(uSession);
+            }
         }
     }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java Thu Oct 22 17:26:37 2009
@@ -45,7 +45,9 @@
         suite.addTestSuite(IndexNodeResolverTest.class);
         suite.addTestSuite(TraversingNodeResolverTest.class);
 
-        suite.addTestSuite(IdResolverTest.class);
+        suite.addTestSuite(NodeCreationTest.class);
+
+        suite.addTestSuite(UserImporterTest.class);
 
         return suite;
     }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolverTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolverTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolverTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolverTest.java Thu Oct 22 17:26:37 2009
@@ -22,17 +22,13 @@
 import org.slf4j.LoggerFactory;
 
 import javax.jcr.RepositoryException;
-import javax.jcr.Session;
 
 /** <code>TraversingNodeResolverTest</code>... */
 public class TraversingNodeResolverTest extends NodeResolverTest {
 
     private static Logger log = LoggerFactory.getLogger(TraversingNodeResolverTest.class);
 
-    protected NodeResolver createNodeResolver(Session session) throws RepositoryException, NotExecutableException {
-        if (!(session instanceof SessionImpl)) {
-            throw new NotExecutableException();
-        }
-        return new TraversingNodeResolver(session, (SessionImpl) session);
+    protected NodeResolver createNodeResolver(SessionImpl session) throws RepositoryException, NotExecutableException {
+        return new TraversingNodeResolver(session, session);
     }
 }
\ No newline at end of file



Mime
View raw message