jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r828791 [8/8] - in /jackrabbit/trunk: jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/ jackrabbi...
Date Thu, 22 Oct 2009 17:26:39 GMT
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java
Thu Oct 22 17:26:37 2009
@@ -21,7 +21,6 @@
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
-import org.apache.jackrabbit.core.NodeImpl;
 import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.core.security.TestPrincipal;
 import org.apache.jackrabbit.test.NotExecutableException;
@@ -32,10 +31,12 @@
 import javax.jcr.Session;
 import javax.jcr.SimpleCredentials;
 import javax.jcr.Value;
-import javax.jcr.nodetype.ConstraintViolationException;
+import javax.jcr.Node;
 import java.security.Principal;
 import java.util.Iterator;
 import java.util.Set;
+import java.util.List;
+import java.util.ArrayList;
 
 /**
  * <code>UserManagerImplTest</code>...
@@ -63,55 +64,24 @@
         return userId;
     }
 
-    public void testCreateNodesDirectly() throws NotExecutableException, RepositoryException
{
-        User u = getTestUser(superuser);
-        if (u instanceof UserImpl) {
-            throw new NotExecutableException();
-        }
-
-        NodeImpl n = ((UserImpl)u).getNode();
-        try {
-            n.addNode("anyname", "rep:AuthorizableFolder");
-            fail("security nodes must be protected.");
-        } catch (ConstraintViolationException e) {
-            // success
-        } finally {
-            n.refresh(false);
-        }
-        try {
-            n.addNode("anyname", "rep:User");
-            fail("security nodes must be protected.");
-        } catch (ConstraintViolationException e) {
-            // success
-        } finally {
-            n.refresh(false);
-        }
-        try {
-            n.setProperty("rep:userId", "someotherUID");
-            fail("security nodes must be protected.");
-        } catch (ConstraintViolationException e) {
-            // success
-        } finally {
-            n.refresh(false);
-        }
-    }
-
-    public void testPrincipalNameEqualsUserID() throws RepositoryException {
+    public void testPrincipalNameEqualsUserID() throws RepositoryException, NotExecutableException
{
         Principal p = getTestPrincipal();
         User u = null;
         try {
             u = userMgr.createUser(p.getName(), buildPassword(p));
+            save(superuser);
 
             String msg = "Implementation specific: User.getID() must return the userID pass
to createUser.";
             assertEquals(msg, u.getID(), p.getName());
         } finally {
             if (u != null) {
                 u.remove();
+                save(superuser);
             }
         }
     }
 
-    public void testUserIDFromSession() throws RepositoryException {
+    public void testUserIDFromSession() throws RepositoryException, NotExecutableException
{
         Principal p = getTestPrincipal();
         User u = null;
         Session uSession = null;
@@ -119,6 +89,7 @@
             String uid = p.getName();
             String pw = buildPassword(p);
             u = userMgr.createUser(uid, pw);
+            save(superuser);
 
             uSession = superuser.getRepository().login(new SimpleCredentials(uid, pw.toCharArray()));
             assertEquals(u.getID(), uSession.getUserID());
@@ -128,11 +99,12 @@
             }
             if (u != null) {
                 u.remove();
+                save(superuser);
             }
         }
     }
 
-    public void testCreateUserIdDifferentFromPrincipalName() throws RepositoryException {
+    public void testCreateUserIdDifferentFromPrincipalName() throws RepositoryException,
NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = getTestUserId(p);
         String pw = buildPassword(uid, true);
@@ -141,6 +113,7 @@
         Session uSession = null;
         try {
             u = userMgr.createUser(uid, pw, p, null);
+            save(superuser);
 
             String msg = "Creating a User with principal-name distinct from Principal-name
must succeed as long as both are unique.";
             assertEquals(msg, u.getID(), uid);
@@ -157,11 +130,12 @@
             }
             if (u != null) {
                 u.remove();
+                save(superuser);
             }
         }
     }
 
-    public void testCreatingGroupWithNameMatchingExistingUserId() throws RepositoryException
{
+    public void testCreatingGroupWithNameMatchingExistingUserId() throws RepositoryException,
NotExecutableException {
         Principal p = getTestPrincipal();
         String uid = getTestUserId(p);
 
@@ -169,7 +143,9 @@
         Group gr = null;
         try {
             u = userMgr.createUser(uid, buildPassword(uid, true), p, null);
+            save(superuser);
             gr = userMgr.createGroup(new TestPrincipal(uid));
+            save(superuser);
 
             String msg = "Creating a Group with a principal-name that exists as UserID ->
must create new GroupID but keep PrincipalName.";
             assertFalse(msg, gr.getID().equals(gr.getPrincipal().getName()));
@@ -179,24 +155,25 @@
         } finally {
             if (u != null) {
                 u.remove();
+                save(superuser);
             }
             if (gr != null) {
                 gr.remove();
+                save(superuser);
             }
         }
     }
 
     public void testFindAuthorizable() throws RepositoryException, NotExecutableException
{
         Authorizable auth;
-        Set principals = getPrincipalSetFromSession(superuser);
-        for (Iterator it = principals.iterator(); it.hasNext();) {
-            Principal p = (Principal) it.next();
+        Set<Principal> principals = getPrincipalSetFromSession(superuser);
+        for (Principal p : principals) {
             auth = userMgr.getAuthorizable(p);
 
             if (auth != null) {
-                if (!auth.isGroup() && auth.hasProperty("rep:userId")) {
-                    String val = auth.getProperty("rep:userId")[0].getString();
-                    Iterator users = userMgr.findAuthorizables("rep:userId", val);
+                if (!auth.isGroup() && auth.hasProperty(pPrincipalName)) {
+                    String val = auth.getProperty(pPrincipalName)[0].getString();
+                    Iterator<Authorizable> users = userMgr.findAuthorizables(pPrincipalName,
val);
 
                     // the result must contain 1 authorizable
                     assertTrue(users.hasNext());
@@ -211,18 +188,19 @@
         }
     }
 
-    public void testFindAuthorizableByAddedProperty() throws RepositoryException {
+    public void testFindAuthorizableByAddedProperty() throws RepositoryException, NotExecutableException
{
         Principal p = getTestPrincipal();
         Authorizable auth = null;
 
         try {
             auth= userMgr.createGroup(p);
             auth.setProperty("E-Mail", new Value[] { superuser.getValueFactory().createValue("anyVal")});
+            save(superuser);
 
             boolean found = false;
-            Iterator result = userMgr.findAuthorizables("E-Mail", "anyVal");
+            Iterator<Authorizable> result = userMgr.findAuthorizables("E-Mail", "anyVal");
             while (result.hasNext()) {
-                Authorizable a = (Authorizable) result.next();
+                Authorizable a = result.next();
                 if (a.getID().equals(auth.getID())) {
                     found = true;
                 }
@@ -233,19 +211,21 @@
             // remove the create group again.
             if (auth != null) {
                 auth.remove();
+                save(superuser);
             }
         }
     }
 
-    public void testFindUser() throws RepositoryException {
+    public void testFindUser() throws RepositoryException, NotExecutableException {
         User u = null;
         try {
             Principal p = getTestPrincipal();
             String uid = "UID" + p.getName();
             u = userMgr.createUser(uid, buildPassword(uid, false), p, null);
+            save(superuser);
 
             boolean found = false;
-            Iterator it = userMgr.findAuthorizables(pPrincipalName, null, UserManager.SEARCH_TYPE_USER);
+            Iterator<Authorizable> it = userMgr.findAuthorizables(pPrincipalName, null,
UserManager.SEARCH_TYPE_USER);
             while (it.hasNext() && !found) {
                 User nu = (User) it.next();
                 found = nu.getID().equals(uid);
@@ -273,18 +253,20 @@
         } finally {
             if (u != null) {
                 u.remove();
+                save(superuser);
             }
         }
     }
 
-    public void testFindGroup() throws RepositoryException {
+    public void testFindGroup() throws RepositoryException, NotExecutableException {
         Group gr = null;
         try {
             Principal p = getTestPrincipal();
             gr = userMgr.createGroup(p);
+            save(superuser);
 
             boolean found = false;
-            Iterator it = userMgr.findAuthorizables(pPrincipalName, null, UserManager.SEARCH_TYPE_GROUP);
+            Iterator<Authorizable> it = userMgr.findAuthorizables(pPrincipalName, null,
UserManager.SEARCH_TYPE_GROUP);
             while (it.hasNext() && !found) {
                 Group ng = (Group) it.next();
                 found = ng.getPrincipal().getName().equals(p.getName());
@@ -310,25 +292,26 @@
         } finally {
             if (gr != null) {
                 gr.remove();
+                save(superuser);
             }
         }
     }
 
     public void testFindAllUsers() throws RepositoryException {
-        Iterator it = userMgr.findAuthorizables(pPrincipalName, null, UserManager.SEARCH_TYPE_USER);
+        Iterator<Authorizable> it = userMgr.findAuthorizables(pPrincipalName, null,
UserManager.SEARCH_TYPE_USER);
         while (it.hasNext()) {
-            assertFalse(((Authorizable) it.next()).isGroup());
+            assertFalse(it.next().isGroup());
         }
     }
 
     public void testFindAllGroups() throws RepositoryException {
-        Iterator it = userMgr.findAuthorizables(pPrincipalName, null, UserManager.SEARCH_TYPE_GROUP);
+        Iterator<Authorizable> it = userMgr.findAuthorizables(pPrincipalName, null,
UserManager.SEARCH_TYPE_GROUP);
         while (it.hasNext()) {
-            assertTrue(((Authorizable) it.next()).isGroup());
+            assertTrue(it.next().isGroup());
         }
     }
 
-    public void testNewUserCanLogin() throws RepositoryException {
+    public void testNewUserCanLogin() throws RepositoryException, NotExecutableException
{
         String uid = getTestPrincipal().getName();
         String pw = buildPassword(uid, false);
 
@@ -336,11 +319,14 @@
         Session s = null;
         try {
             u = userMgr.createUser(uid, pw);
+            save(superuser);
+
             Credentials creds = new SimpleCredentials(uid, pw.toCharArray());
             s = superuser.getRepository().login(creds);
         } finally {
             if (u != null) {
                 u.remove();
+                save(superuser);
             }
             if (s != null) {
                 s.logout();
@@ -386,8 +372,8 @@
     public void testCleanupForAllWorkspaces() throws RepositoryException, NotExecutableException
{
         String[] workspaceNames = superuser.getWorkspace().getAccessibleWorkspaceNames();
 
-        for (int i = 0; i < workspaceNames.length; i++) {
-            Session s = getHelper().getSuperuserSession(workspaceNames[i]);
+        for (String workspaceName1 : workspaceNames) {
+            Session s = getHelper().getSuperuserSession(workspaceName1);
             try {
                 UserManager umgr = getUserManager(s);
                 s.logout();
@@ -408,4 +394,106 @@
             }
         }
     }
+
+    /**
+     * Implementation specific test: user(/groups) cannot be nested.
+     * @throws RepositoryException
+     */
+    public void testEnforceAuthorizableFolderHierarchy() throws RepositoryException {
+        AuthorizableImpl authImpl = (AuthorizableImpl) userMgr.getAuthorizable(superuser.getUserID());
+        Node userNode = authImpl.getNode();
+        SessionImpl sImpl = (SessionImpl) userNode.getSession();
+
+        Node folder = userNode.addNode("folder", sImpl.getJCRName(UserConstants.NT_REP_AUTHORIZABLE_FOLDER));
+        String path = folder.getPath();
+        try {
+            // authNode - authFolder -> create User
+            Authorizable a = null;
+            try {
+                Principal p = getTestPrincipal();
+                a = userMgr.createUser(p.getName(), p.getName(), p, path);
+                fail("Users may not be nested.");
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                if (a != null) {
+                    a.remove();
+                }
+            }
+        } finally {
+            if (sImpl.nodeExists(path)) {
+                folder.remove();
+                sImpl.save();
+            }
+        }
+
+        Node someContent = userNode.addNode("mystuff", "nt:unstructured");
+        path = someContent.getPath();
+        try {
+            // authNode - anyNode -> create User
+            Authorizable a = null;
+            try {
+                Principal p = getTestPrincipal();
+                a = userMgr.createUser(p.getName(), p.getName(), p, someContent.getPath());
+                fail("Users may not be nested.");
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                if (a != null) {
+                    a.remove();
+                    a = null;
+                }
+            }
+
+            // authNode - anyNode - authFolder -> create User
+            if (!sImpl.nodeExists(path)) {
+                someContent = userNode.addNode("mystuff", "nt:unstructured");           
   
+            }
+            folder = someContent.addNode("folder", sImpl.getJCRName(UserConstants.NT_REP_AUTHORIZABLE_FOLDER));
+            sImpl.save(); // this time save node structure
+            try {
+                Principal p = getTestPrincipal();
+                a = userMgr.createUser(p.getName(), p.getName(), p, folder.getPath());
+                fail("Users may not be nested.");
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                if (a != null) {
+                    a.remove();
+                }
+            }
+        } finally {
+            if (sImpl.nodeExists(path)) {
+                someContent.remove();
+                sImpl.save();
+            }
+        }
+    }
+
+
+    public void testCreateWithRelativePath() throws Exception {
+        Principal p = getTestPrincipal();
+        String uid = p.getName();
+
+        String usersPath = ((UserManagerImpl) userMgr).getUsersPath();
+
+        List<String> invalid = new ArrayList();
+        invalid.add("../../path");
+        invalid.add(usersPath + "/../test");
+
+        for (String path : invalid) {
+            try {
+                User user = userMgr.createUser(uid, buildPassword(uid, true), p, path);
+                save(superuser);
+
+                fail("intermediate path may not point outside of the user tree.");
+                user.remove();
+                save(superuser);
+                
+            } catch (Exception e) {
+                // success
+                assertNull(userMgr.getAuthorizable(uid));
+            }
+        }
+    }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/xml/AccessControlImporterTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/xml/AccessControlImporterTest.java?rev=828791&r1=828790&r2=828791&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/xml/AccessControlImporterTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/xml/AccessControlImporterTest.java
Thu Oct 22 17:26:37 2009
@@ -18,10 +18,13 @@
 
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
+import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
 import org.apache.jackrabbit.commons.xml.ParsingContentHandler;
 import org.apache.jackrabbit.core.NodeImpl;
 import org.apache.jackrabbit.core.SessionImpl;
+import org.apache.jackrabbit.core.config.ImportConfig;
 import org.apache.jackrabbit.core.security.authorization.AccessControlConstants;
+import org.apache.jackrabbit.core.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.test.AbstractJCRTest;
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.xml.sax.SAXException;
@@ -40,9 +43,11 @@
 import java.io.InputStream;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Collections;
 
 /**
- * <code>SystemViewTest</code>...
+ * <code>AccessControlImporterTest</code>: Testing import of resource based
+ * ACLs.
  */
 public class AccessControlImporterTest extends AbstractJCRTest {
 
@@ -176,7 +181,6 @@
     private static final String XML_POLICY_ONLY   = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><sv:node
sv:name=\"test\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\"
xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\"
xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\"
xmlns:jcr=\"http://www.jcp.org/jcr/1.0\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>nt:unstructured</sv:value></sv:property><sv:property
sv:name=\"jcr:mixinTypes\" sv:type=\"Name\"><sv:value>rep:AccessControllable</sv:value><sv:value>mix:versionable</sv:value></sv:property><sv:property
sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>0a0ca2e9-ab98-4433-a12b-d57283765207</sv:value></sv:property><sv:property
sv:name=\"jcr:baseVersion\" sv:type=\"Reference\"><sv:value>35d0d137-a3a4-4af3-8cdd-ce565ea6bdc9</sv:value></sv:property>
 <sv:property sv:name=\"jcr:isCheckedOut\" sv:type=\"Boolean\"><sv:value>true</sv:value></sv:property><sv:property
sv:name=\"jcr:predecessors\" sv:type=\"Reference\"><sv:value>35d0d137-a3a4-4af3-8cdd-ce565ea6bdc9</sv:value></sv:property><sv:property
sv:name=\"jcr:versionHistory\" sv:type=\"Reference\"><sv:value>428c9ef2-78e5-4f1c-95d3-16b4ce72d815</sv:value></sv:property><sv:node
sv:name=\"rep:policy\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:ACL</sv:value></sv:property></sv:node></sv:node>";
 
 
-    private ProtectedNodeImporter piImporter;
     private SessionImpl sImpl;
 
     @Override
@@ -187,7 +191,16 @@
             throw new NotExecutableException("SessionImpl expected");
         }
         sImpl = (SessionImpl) superuser;
-        piImporter = new AccessControlImporter(sImpl, sImpl, false, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW);
+
+        // make sure the repository provides resource based policies.
+        AccessControlPolicyIterator it = sImpl.getAccessControlManager().getApplicablePolicies("/");
+        if (!it.hasNext()) {
+            AccessControlPolicy[] pcs = sImpl.getAccessControlManager().getPolicies("/");
+            if (pcs == null || pcs.length == 0) {
+                throw new NotExecutableException();
+            }
+
+        } // ok resource based acl
     }
 
     private NodeImpl createPolicyNode(NodeImpl target) throws Exception {
@@ -214,9 +227,14 @@
         }
     }
 
+    private static ProtectedNodeImporter createImporter() {
+        return new AccessControlImporter();
+    }
+
     public void testWorkspaceImport() throws Exception {
         boolean isWorkspaceImport = true;
-        ProtectedNodeImporter protectedImporter = new AccessControlImporter(sImpl, sImpl,
isWorkspaceImport, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW);
+        ProtectedNodeImporter protectedImporter = new AccessControlImporter();
+        protectedImporter.init(sImpl, sImpl, isWorkspaceImport, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
null);
 
         NodeImpl n = createPolicyNode((NodeImpl) testRootNode);
         assertFalse(protectedImporter.start(n));
@@ -224,6 +242,8 @@
 
     public void testNonProtectedNode() throws Exception {
         if (!testRootNode.getDefinition().isProtected()) {
+            ProtectedNodeImporter piImporter = createImporter();
+            piImporter.init(sImpl, sImpl, false, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
null);
             assertFalse(piImporter.start((NodeImpl) testRootNode));
         } else {
             throw new NotExecutableException();
@@ -234,6 +254,8 @@
         Node n = testRootNode.addNode(nodeName1);
         n.addMixin(mixVersionable);
 
+        ProtectedNodeImporter piImporter = createImporter();
+        piImporter.init(sImpl, sImpl, false, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
null);
         assertFalse(piImporter.start((NodeImpl) n));
     }
 
@@ -248,7 +270,7 @@
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_TREE.getBytes("UTF-8"));
             SessionImporter importer = new SessionImporter(target, sImpl,
-                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, piImporter, null);
+                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -290,7 +312,7 @@
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_3.getBytes("UTF-8"));
             SessionImporter importer = new SessionImporter(target, sImpl,
-                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, piImporter, null);
+                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -335,13 +357,13 @@
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_3.getBytes("UTF-8"));
             SessionImporter importer = new SessionImporter(target, sImpl,
-                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, piImporter, null);
+                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
             in = new ByteArrayInputStream(XML_POLICY_TREE_5.getBytes("UTF-8"));
             importer = new SessionImporter(target, sImpl,
-                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, piImporter, null);
+                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
             ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -381,7 +403,7 @@
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_4.getBytes("UTF-8"));
             SessionImporter importer = new SessionImporter(target, sImpl,
-                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, piImporter, null);
+                    ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -442,7 +464,7 @@
         try {
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_2.getBytes("UTF-8"));
-            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_CREATE_NEW,
piImporter, null);
+            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_CREATE_NEW,
new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -492,7 +514,7 @@
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_ONLY.getBytes("UTF-8"));
 
-            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_CREATE_NEW,
piImporter, null);
+            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_CREATE_NEW,
new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -516,6 +538,14 @@
      * @throws Exception
      */
     public void testImportPrincipalBasedACL() throws Exception {
+        JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) sImpl.getAccessControlManager();
+        if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 ||
+                acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
+            // test expects that only resource-based acl is supported
+            throw new NotExecutableException();
+        }
+
+
         NodeImpl target;
         NodeImpl root = (NodeImpl) sImpl.getRootNode();
         if (!root.hasNode(AccessControlConstants.N_ACCESSCONTROL)) {
@@ -530,7 +560,7 @@
 
             InputStream in = new ByteArrayInputStream(XML_AC_TREE.getBytes("UTF-8"));
 
-            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
piImporter, null);
+            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
new PseudoConfig());
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -559,7 +589,7 @@
 
             InputStream in = new ByteArrayInputStream(XML_POLICY_TREE.getBytes("UTF-8"));
 
-            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
null, null);
+            SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW,
null);
             ImportHandler ih = new ImportHandler(importer, sImpl);
             new ParsingContentHandler(ih).parse(in);
 
@@ -579,4 +609,18 @@
             superuser.refresh(false);
         }
     }
+
+    private final class PseudoConfig extends ImportConfig {
+
+        private final ProtectedNodeImporter aci;
+
+        private PseudoConfig() {
+            this.aci = createImporter();
+        }
+
+        @Override
+        public List<ProtectedNodeImporter> getProtectedNodeImporters() {
+            return Collections.singletonList(aci);
+        }
+    }
 }



Mime
View raw message