jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1072069 - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/SessionImpl.java test/java/org/apache/jackrabbit/core/integration/SessionImplTest.java
Date Fri, 18 Feb 2011 17:19:13 GMT
Author: angela
Date: Fri Feb 18 17:19:13 2011
New Revision: 1072069

URL: http://svn.apache.org/viewvc?rev=1072069&view=rev
Log:
JCR-2895 - SessionImpl#getSubject() should return an unmodifiable subject

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SessionImpl.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/integration/SessionImplTest.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SessionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SessionImpl.java?rev=1072069&r1=1072068&r2=1072069&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SessionImpl.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SessionImpl.java
Fri Feb 18 17:19:13 2011
@@ -343,7 +343,7 @@ public class SessionImpl extends Abstrac
                 new File(context.getRepository().getConfig().getHomeDir()),
                 context.getRepositoryContext().getFileSystem(),
                 this,
-                getSubject(),
+                subject,
                 context.getHierarchyManager(),
                 this,
                 wspName);
@@ -367,12 +367,14 @@ public class SessionImpl extends Abstrac
     }
 
     /**
-     * Returns the <code>Subject</code> associated with this session.
+     * Returns a read only copy of the <code>Subject</code> associated with this
+     * session.
      *
-     * @return the <code>Subject</code> associated with this session
+     * @return a read only copy of <code>Subject</code> associated with this
session
      */
     public Subject getSubject() {
-        return subject;
+        Subject readOnly = new Subject(true, subject.getPrincipals(), subject.getPublicCredentials(),
subject.getPrivateCredentials());
+        return readOnly;
     }
 
     /**
@@ -396,8 +398,7 @@ public class SessionImpl extends Abstrac
             workspaceName =
                 repositoryContext.getWorkspaceManager().getDefaultWorkspaceName();
         }
-        Subject old = getSubject();
-        Subject newSubject = new Subject(old.isReadOnly(), old.getPrincipals(), old.getPublicCredentials(),
old.getPrivateCredentials());
+        Subject newSubject = new Subject(subject.isReadOnly(), subject.getPrincipals(), subject.getPublicCredentials(),
subject.getPrivateCredentials());
         return repositoryContext.getWorkspaceManager().createSession(
                 newSubject, workspaceName);
     }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/integration/SessionImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/integration/SessionImplTest.java?rev=1072069&r1=1072068&r2=1072069&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/integration/SessionImplTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/integration/SessionImplTest.java
Fri Feb 18 17:19:13 2011
@@ -18,6 +18,7 @@ package org.apache.jackrabbit.core.integ
 
 import java.security.AccessControlException;
 
+import javax.jcr.Credentials;
 import javax.jcr.PathNotFoundException;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
@@ -26,6 +27,7 @@ import javax.security.auth.Subject;
 
 import org.apache.jackrabbit.core.RepositoryImpl;
 import org.apache.jackrabbit.core.SessionImpl;
+import org.apache.jackrabbit.core.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.test.AbstractJCRTest;
 import org.apache.jackrabbit.test.NotExecutableException;
 
@@ -133,4 +135,31 @@ public class SessionImplTest extends Abs
             assertFalse(subject.getPublicCredentials().isEmpty());
         }
     }
+
+    /**
+     * JCR-2895 : SessionImpl#getSubject() should return an unmodifiable subject
+     *
+     * @see <a href="https://issues.apache.org/jira/browse/JCR-2895">JCR-2895</a>
+     */
+    public void testGetSubject() {
+        Subject subject = ((SessionImpl) superuser).getSubject();
+
+        assertFalse(subject.getPublicCredentials().isEmpty());
+        assertFalse(subject.getPublicCredentials(Credentials.class).isEmpty());
+        assertFalse(subject.getPrincipals().isEmpty());
+
+        assertTrue(subject.isReadOnly());
+        try {
+            subject.getPublicCredentials().add(new SimpleCredentials("test", new char[0]));
+            fail("Subject expected to be readonly");
+        } catch (IllegalStateException e) {
+            // success
+        }
+        try {
+            subject.getPrincipals().add(new PrincipalImpl("test"));
+            fail("Subject expected to be readonly");
+        } catch (IllegalStateException e) {
+            // success
+        }
+    }
 }



Mime
View raw message