jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1092723 [2/2] - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/security/authorization/ main/java/org/apache/jackrabbit/core/security/authorization/acl/ main/java/org/apache/jackrabbit/core/security/authoriza...
Date Fri, 15 Apr 2011 14:34:46 GMT
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java Fri Apr 15 14:34:45 2011
@@ -119,9 +119,6 @@ public abstract class AbstractACLTemplat
                 public boolean isAllow() {
                     return false;
                 }
-                public int getPrivilegeBits() throws RepositoryException {
-                    return privilegeMgr.getBits(privilegeMgr.getPrivilege(Privilege.JCR_READ));
-                }
                 public String[] getRestrictionNames() {
                     return new String[0];
                 }
@@ -200,16 +197,16 @@ public abstract class AbstractACLTemplat
         assertTrue(pt.addEntry(testPrincipal, modProp, false, null));
 
         // test net-effect
-        int allows = PrivilegeRegistry.NO_PRIVILEGE;
-        int denies = PrivilegeRegistry.NO_PRIVILEGE;
+        PrivilegeBits allows = PrivilegeBits.getInstance();
+        PrivilegeBits denies = PrivilegeBits.getInstance();
         AccessControlEntry[] entries = pt.getAccessControlEntries();
         for (AccessControlEntry ace : entries) {
             if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
-                int entryBits = privilegeMgr.getBits(ace.getPrivileges());
+                PrivilegeBits entryBits = privilegeMgr.getBits(ace.getPrivileges());
                 if (((JackrabbitAccessControlEntry) ace).isAllow()) {
-                    allows |= Permission.diff(entryBits, denies);
+                    allows.addDifference(entryBits, denies);
                 } else {
-                    denies |= Permission.diff(entryBits, allows);
+                    denies.addDifference(entryBits, allows);
                 }
             }
         }
@@ -225,21 +222,21 @@ public abstract class AbstractACLTemplat
         assertTrue(pt.addEntry(testPrincipal, privilegesFromName(Privilege.JCR_READ), false, Collections.<String, Value>emptyMap()));
 
         // test net-effect
-        int allows = PrivilegeRegistry.NO_PRIVILEGE;
-        int denies = PrivilegeRegistry.NO_PRIVILEGE;
+        PrivilegeBits allows = PrivilegeBits.getInstance();
+        PrivilegeBits denies = PrivilegeBits.getInstance();
         AccessControlEntry[] entries = pt.getAccessControlEntries();
         for (AccessControlEntry ace : entries) {
             if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
-                int entryBits = privilegeMgr.getBits(ace.getPrivileges());
+                PrivilegeBits entryBits = privilegeMgr.getBits(ace.getPrivileges());
                 if (((JackrabbitAccessControlEntry) ace).isAllow()) {
-                    allows |= Permission.diff(entryBits, denies);
+                    allows.addDifference(entryBits, denies);
                 } else {
-                    denies |= Permission.diff(entryBits, allows);
+                    denies.addDifference(entryBits, allows);
                 }
             }
         }
 
-        assertEquals(PrivilegeRegistry.NO_PRIVILEGE, allows);
+        assertTrue(allows.isEmpty());
         assertEquals(privilegeMgr.getBits(privilegesFromName(Privilege.JCR_READ)), denies);
     }
 

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java Fri Apr 15 14:34:45 2011
@@ -103,14 +103,14 @@ public abstract class AbstractEntryTest 
         assertNotNull(privs);
         assertEquals(1, privs.length);
         assertEquals(privs[0], acMgr.privilegeFromName(Privilege.JCR_READ));
-        assertTrue(privMgr.getBits(privs) == privMgr.getBits(entry.getPrivileges()));
+        assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
 
         entry = createEntry(new String[] {PrivilegeRegistry.REP_WRITE}, true);
         privs = entry.getPrivileges();
         assertNotNull(privs);
         assertEquals(1, privs.length);
         assertEquals(privs[0], acMgr.privilegeFromName(PrivilegeRegistry.REP_WRITE));
-        assertTrue(privMgr.getBits(privs) == privMgr.getBits(entry.getPrivileges()));
+        assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
 
         entry = createEntry(new String[] {Privilege.JCR_ADD_CHILD_NODES,
                 Privilege.JCR_REMOVE_CHILD_NODES}, true);
@@ -196,14 +196,10 @@ public abstract class AbstractEntryTest 
                 acMgr.privilegeFromName(Privilege.JCR_ALL)
         };
 
-        final PrivilegeManagerImpl privMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
         JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {
             public boolean isAllow() {
                 return true;
             }
-            public int getPrivilegeBits() throws AccessControlException {
-                return privMgr.getBits(privs);
-            }
             public String[] getRestrictionNames() {
                 return new String[0];
             }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java Fri Apr 15 14:34:45 2011
@@ -87,17 +87,12 @@ public class CustomPrivilegeTest extends
 
         assertNotNull(p);
 
-        assertEquals(def.isCustom(), pmgr.isCustomPrivilege(p));
         assertEquals(def.isAbstract(), p.isAbstract());
         Name[] danames = def.getDeclaredAggregateNames();
         assertEquals(danames.length > 0, p.isAggregate());
         assertEquals(danames.length, p.getDeclaredAggregatePrivileges().length);
     }
 
-    private static void assertBits(int expected, PrivilegeRegistry.Definition def, PrivilegeRegistry registry) {
-        assertEquals(expected, registry.getBits(new PrivilegeRegistry.Definition[] {def}));
-    }
-
     private static Set<Name> createNameSet(Name... names) {
         Set<Name> set = new HashSet<Name>();
         set.addAll(Arrays.asList(names));
@@ -216,14 +211,12 @@ public class CustomPrivilegeTest extends
         newAggregates.put(resolver.getQName("jcr:newAggregate"), createNameSet(NameConstants.JCR_READ, resolver.getQName("unknownPrivilege")));
         // aggregate containing unknown privilege
         newAggregates.put(resolver.getQName("newAggregate"), createNameSet(resolver.getQName("unknownPrivilege")));
-        // aggregated combining built-in and custom
-        newAggregates.put(resolver.getQName("newAggregate"), createNameSet(NameConstants.JCR_READ, resolver.getQName("unknownPrivilege")));
         // custom aggregated contains itself
         newAggregates.put(resolver.getQName("newAggregate"), createNameSet(resolver.getQName("newAggregate")));
         // same as rep:write
         newAggregates.put(resolver.getQName("repWriteAggregate"), createNameSet(NameConstants.JCR_MODIFY_PROPERTIES, NameConstants.JCR_ADD_CHILD_NODES, NameConstants.JCR_NODE_TYPE_MANAGEMENT, NameConstants.JCR_REMOVE_CHILD_NODES,NameConstants.JCR_REMOVE_NODE));
-        // aggregating built-in -> currently not supported
-        newAggregates.put(resolver.getQName("aggrBuiltIn"), createNameSet(NameConstants.JCR_MODIFY_PROPERTIES, NameConstants.JCR_READ));
+        // aggregated combining built-in and unknown custom
+        newAggregates.put(resolver.getQName("newAggregate"), createNameSet(NameConstants.JCR_READ, resolver.getQName("unknownPrivilege")));
 
         for (Name name : newAggregates.keySet()) {
             try {
@@ -238,7 +231,11 @@ public class CustomPrivilegeTest extends
     public void testRegisterInvalidNewAggregate2() throws RepositoryException, FileSystemException {
         Map<Name, Set<Name>> newCustomPrivs = new LinkedHashMap<Name, Set<Name>>();
         newCustomPrivs.put(resolver.getQName("new"), Collections.<Name>emptySet());
-        newCustomPrivs.put(resolver.getQName("new2"), Collections.<Name>singleton(resolver.getQName("new")));
+        newCustomPrivs.put(resolver.getQName("new2"), Collections.<Name>emptySet());
+        Set<Name> decl = new HashSet<Name>();
+        decl.add(resolver.getQName("new"));
+        decl.add(resolver.getQName("new2"));
+        newCustomPrivs.put(resolver.getQName("new3"), decl);
 
         for (Name name : newCustomPrivs.keySet()) {
             boolean isAbstract = true;
@@ -247,9 +244,7 @@ public class CustomPrivilegeTest extends
         }
 
         Map<Name, Set<Name>> newAggregates = new HashMap<Name, Set<Name>>();
-        // a new aggregate of custom and built-in privilege
-        newAggregates.put(resolver.getQName("newA1"), createNameSet(resolver.getQName("new"), NameConstants.JCR_READ));
-        // other illegal aggregates already represented by registered definition.
+         // other illegal aggregates already represented by registered definition.
         newAggregates.put(resolver.getQName("newA2"), Collections.<Name>singleton(resolver.getQName("new")));
         newAggregates.put(resolver.getQName("newA3"), Collections.<Name>singleton(resolver.getQName("new2")));
 
@@ -280,7 +275,6 @@ public class CustomPrivilegeTest extends
             // validate definition
             PrivilegeRegistry.Definition definition = privilegeRegistry.get(name);
             assertNotNull(definition);
-            assertTrue(definition.isCustom());
             assertEquals(name, definition.getName());
             assertTrue(definition.isAbstract());
             assertTrue(definition.declaredAggregateNames.isEmpty());
@@ -288,7 +282,6 @@ public class CustomPrivilegeTest extends
             for (Name n : aggrNames) {
                 assertTrue(definition.declaredAggregateNames.contains(n));
             }
-            assertBits(PrivilegeRegistry.NO_PRIVILEGE, definition, privilegeRegistry);
 
             List<Name> allAgg = Arrays.asList(privilegeRegistry.get(NameConstants.JCR_ALL).getDeclaredAggregateNames());
             assertTrue(allAgg.contains(name));
@@ -308,6 +301,10 @@ public class CustomPrivilegeTest extends
         Map<Name, Set<Name>> newAggregates = new HashMap<Name, Set<Name>>();
         // a new aggregate of custom privileges
         newAggregates.put(resolver.getQName("newA2"), createNameSet(resolver.getQName("test:new"), resolver.getQName("new")));
+        // a new aggregate of custom and built-in privilege
+        newAggregates.put(resolver.getQName("newA1"), createNameSet(resolver.getQName("new"), NameConstants.JCR_READ));
+        // aggregating built-in privileges
+        newAggregates.put(resolver.getQName("aggrBuiltIn"), createNameSet(NameConstants.JCR_MODIFY_PROPERTIES, NameConstants.JCR_READ));
 
         for (Name name : newAggregates.keySet()) {
             boolean isAbstract = false;
@@ -316,7 +313,6 @@ public class CustomPrivilegeTest extends
             PrivilegeRegistry.Definition definition = privilegeRegistry.get(name);
 
             assertNotNull(definition);
-            assertTrue(definition.isCustom());
             assertEquals(name, definition.getName());
             assertFalse(definition.isAbstract());
             assertFalse(definition.declaredAggregateNames.isEmpty());
@@ -325,8 +321,6 @@ public class CustomPrivilegeTest extends
                 assertTrue(definition.declaredAggregateNames.contains(n));
             }
 
-            assertBits(PrivilegeRegistry.NO_PRIVILEGE, definition, privilegeRegistry);
-
             List<Name> allAgg = Arrays.asList(privilegeRegistry.get(NameConstants.JCR_ALL).getDeclaredAggregateNames());
             assertTrue(allAgg.contains(name));
 
@@ -356,14 +350,14 @@ public class CustomPrivilegeTest extends
         assertEquals(privName, priv.getName());
         assertEquals(isAbstract, priv.isAbstract());
         assertFalse(priv.isAggregate());
-        assertEquals(PrivilegeRegistry.NO_PRIVILEGE, pm.getBits(priv));
+        assertFalse(pm.getBits(priv).isEmpty());
 
         Privilege jcrWrite = pm.getPrivilege(Privilege.JCR_WRITE);
-        assertEquals(pm.getBits(jcrWrite), pm.getBits(priv, jcrWrite));
-
+        assertFalse(pm.getBits(jcrWrite).equals(pm.getBits(priv, jcrWrite)));
     }
 
     public void testRegister100CustomPrivileges() throws RepositoryException, FileSystemException {
+        PrivilegeBits previous = privilegeRegistry.get(NameConstants.JCR_RETENTION_MANAGEMENT).getBits();
         for (int i = 0; i < 100; i++) {
             boolean isAbstract = true;
             Name name = ((SessionImpl) superuser).getQName("test"+i);
@@ -372,6 +366,19 @@ public class CustomPrivilegeTest extends
 
             assertNotNull(definition);
             assertEquals(name, definition.getName());
+
+            PrivilegeBits bits = definition.getBits();
+            assertNotNull(bits);
+            assertFalse(bits.isEmpty());
+
+            assertFalse(previous.equals(bits));
+            assertEquals(previous.nextBits(), bits);
+
+            PrivilegeRegistry.Definition all = privilegeRegistry.get(NameConstants.JCR_ALL);
+            assertTrue(Arrays.asList(all.getDeclaredAggregateNames()).contains(name));
+            assertTrue(all.getBits().includes(bits));
+
+            previous = bits;
         }
     }
 }
\ No newline at end of file

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java Fri Apr 15 14:34:45 2011
@@ -36,7 +36,9 @@ import javax.jcr.security.Privilege;
 import java.security.Principal;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 /**
  * <code>JackrabbitAccessControlListTest</code>...
@@ -127,11 +129,11 @@ public class JackrabbitAccessControlList
             if (entries.length == 0) {
                 fail("GrantPrivileges was successful -> at least 1 entry for principal.");
             }
-            int allows = 0;
+            PrivilegeBits allows = PrivilegeBits.getInstance();
             for (AccessControlEntry en : entries) {
-                int bits = privilegeMgr.getBits(en.getPrivileges());
+                PrivilegeBits bits = privilegeMgr.getBits(en.getPrivileges());
                 if (en instanceof JackrabbitAccessControlEntry && ((JackrabbitAccessControlEntry) en).isAllow()) {
-                    allows |= bits;
+                    allows.add(bits);
                 }
             }
             assertEquals(privilegeMgr.getBits(priv), allows);
@@ -145,18 +147,18 @@ public class JackrabbitAccessControlList
         Principal princ = getValidPrincipal();
         Privilege[] privs = privilegesFromName(PrivilegeRegistry.REP_WRITE);
 
-        int allows = 0;
         templ.addEntry(princ, privs, true, Collections.<String, Value>emptyMap());
         AccessControlEntry[] entries = templ.getAccessControlEntries();
         assertTrue("GrantPrivileges was successful -> at least 1 entry for principal.", entries.length > 0);
 
+        PrivilegeBits allows = PrivilegeBits.getInstance();        
         for (AccessControlEntry en : entries) {
-            int bits = privilegeMgr.getBits(en.getPrivileges());
+            PrivilegeBits bits = privilegeMgr.getBits(en.getPrivileges());
             if (en instanceof JackrabbitAccessControlEntry && ((JackrabbitAccessControlEntry) en).isAllow()) {
-                allows |= bits;
+                allows.add(bits);
             }
         }
-        assertTrue("After successfully granting WRITE, the entries must reflect this", allows >= privilegeMgr.getBits(privs));
+        assertTrue("After successfully granting WRITE, the entries must reflect this", allows.includes(privilegeMgr.getBits(privs)));
     }
 
     public void testAllowWriteDenyRemove() throws NotExecutableException, RepositoryException {
@@ -167,25 +169,29 @@ public class JackrabbitAccessControlList
         templ.addEntry(princ, grPriv, true, Collections.<String, Value>emptyMap());
         templ.addEntry(princ, dePriv, false, Collections.<String, Value>emptyMap());
 
-        int allows = PrivilegeRegistry.NO_PRIVILEGE;
-        int denies = PrivilegeRegistry.NO_PRIVILEGE;
+        Set<Privilege> allows = new HashSet<Privilege>();
+        Set<Privilege> denies = new HashSet<Privilege>();
         AccessControlEntry[] entries = templ.getAccessControlEntries();
         for (AccessControlEntry en : entries) {
             if (princ.equals(en.getPrincipal()) && en instanceof JackrabbitAccessControlEntry) {
                 JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) en;
-                int entryBits = privilegeMgr.getBits(ace.getPrivileges());
+                Privilege[] privs = ace.getPrivileges();
                 if (ace.isAllow()) {
-                    allows |= Permission.diff(entryBits, denies);
+                    allows.addAll(Arrays.asList(privs));
                 } else {
-                    denies |= Permission.diff(entryBits, allows);
+                    denies.addAll(Arrays.asList(privs));
                 }
             }
         }
 
-        int expectedAllows = privilegeMgr.getBits(grPriv) ^ privilegeMgr.getBits(dePriv);
-        assertEquals(expectedAllows, allows);
-        int expectedDenies = privilegeMgr.getBits(dePriv);
-        assertEquals(expectedDenies, denies);
+        String[] expected = new String[] {Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_NODE, Privilege.JCR_MODIFY_PROPERTIES, Privilege.JCR_NODE_TYPE_MANAGEMENT};
+        assertEquals(expected.length, allows.size());
+        for (String name : expected) {
+            assertTrue(allows.contains(acMgr.privilegeFromName(name)));
+        }
+
+        assertEquals(1, denies.size());
+        assertEquals(acMgr.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES), denies.iterator().next());
     }
 
     public void testRemoveEntry() throws NotExecutableException, RepositoryException {

Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java?rev=1092723&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java Fri Apr 15 14:34:45 2011
@@ -0,0 +1,513 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authorization;
+
+import org.apache.jackrabbit.test.JUnitTest;
+
+/**
+ * <code>PrivilegeBitsTest</code>...
+ */
+public class PrivilegeBitsTest extends JUnitTest {
+
+    private static final PrivilegeBits READ_PRIVILEGE_BITS = PrivilegeBits.getInstance(1);
+
+    private static final long[] LONGS = new long[] {1, 2, 13, 199, 512, Long.MAX_VALUE/2, Long.MAX_VALUE-1, Long.MAX_VALUE};
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+    }
+
+    //-----------------------------------------------------------< internal >---
+
+    public void testLongValue() {
+        // empty
+        assertEquals(PrivilegeRegistry.NO_PRIVILEGE, PrivilegeBits.EMPTY.longValue());
+
+        // long based privilege bits
+        for (long l : LONGS) {
+            assertEquals(l, PrivilegeBits.getInstance(l).longValue());
+        }
+
+        // long based privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        long l = pb.longValue();
+        while (l < Long.MAX_VALUE/2) {
+            l = l << 1;
+            pb = pb.nextBits();
+            assertEquals(l, pb.longValue());
+        }
+
+        // other privilege bits: long value not available.
+        for (int i = 0; i < 10; i++) {
+            pb = pb.nextBits();
+            assertEquals(0, pb.longValue());
+        }
+
+        // modifiable privilege bits
+        pb = READ_PRIVILEGE_BITS;
+        for (int i = 0; i < 100; i++) {
+            PrivilegeBits modifiable = PrivilegeBits.getInstance(pb);
+            assertEquals(pb.longValue(), modifiable.longValue());
+            pb = pb.nextBits();
+        }
+    }
+
+    public void testNextBits() {
+        // empty
+        assertSame(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY.nextBits());
+
+        // long based privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        long l = pb.longValue();
+        while (l < Long.MAX_VALUE/2) {
+            l = l << 1;
+            pb = pb.nextBits();
+            assertEquals(l, pb.longValue());
+        }
+
+        // other privilege bits: long value not available.
+        for (int i = 0; i < 10; i++) {
+            PrivilegeBits nxt = pb.nextBits();
+            assertEquals(nxt, pb.nextBits());
+            assertFalse(pb.equals(nxt));
+            pb = nxt;
+        }
+
+        // modifiable privilege bits
+        pb = READ_PRIVILEGE_BITS;
+        for (int i = 0; i < 100; i++) {
+            PrivilegeBits modifiable = PrivilegeBits.getInstance(pb);
+            try {
+                modifiable.nextBits();
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+            pb = pb.nextBits();
+        }
+    }
+
+
+    public void testUnmodifiable() {
+        assertSame(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY.unmodifiable());
+
+        // other privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+        for (int i = 0; i < 100; i++) {
+            PrivilegeBits nxt = pb.nextBits();
+            assertSame(nxt, nxt.unmodifiable());
+            assertEquals(nxt, nxt.unmodifiable());
+
+            mod.add(nxt);
+            assertNotSame(mod, mod.unmodifiable());
+            assertEquals(mod, mod.unmodifiable());
+
+            pb = nxt;
+        }
+    }
+
+    //---------------------------------------------------------------< test >---
+
+    public void testIncludesRead() {
+        // empty
+        assertFalse(PrivilegeBits.EMPTY.includesRead());
+
+        // other privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        assertTrue(pb.includesRead());
+        assertTrue(PrivilegeBits.getInstance(pb).includesRead());
+
+        PrivilegeBits mod = PrivilegeBits.getInstance();
+        for (int i = 0; i < 100; i++) {
+            mod.add(pb);            
+            assertTrue(mod.includesRead());
+
+            pb = pb.nextBits();
+            assertFalse(pb.includesRead());
+            assertFalse(PrivilegeBits.getInstance(pb).includesRead());
+
+            PrivilegeBits modifiable = PrivilegeBits.getInstance(pb);
+            modifiable.add(READ_PRIVILEGE_BITS);
+            assertTrue(modifiable.includesRead());
+        }
+    }
+
+    public void testIncludes() {
+        // empty
+        assertTrue(PrivilegeBits.EMPTY.includes(PrivilegeBits.EMPTY));
+
+        // other privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        PrivilegeBits mod = PrivilegeBits.getInstance();
+
+        for (int i = 0; i < 100; i++) {
+
+            assertFalse(PrivilegeBits.EMPTY.includes(pb));
+            assertTrue(pb.includes(PrivilegeBits.EMPTY));
+
+            mod.add(pb);
+            assertTrue(mod.includes(pb));
+
+            PrivilegeBits nxt = pb.nextBits();
+            assertTrue(nxt.includes(nxt));
+            assertTrue(nxt.includes(PrivilegeBits.getInstance(nxt)));
+            
+            assertFalse(pb + " should not include " + nxt, pb.includes(nxt));
+            assertFalse(nxt + " should not include " + pb, nxt.includes(pb));
+            assertFalse(mod.includes(nxt));
+            assertFalse(nxt.includes(mod));
+           
+            pb = nxt;
+        }
+    }
+
+    public void testIsEmpty() {
+        // empty
+        assertTrue(PrivilegeBits.EMPTY.isEmpty());
+
+        // any other bits should not be empty
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+        for (int i = 0; i < 100; i++) {
+            assertFalse(pb.isEmpty());
+            assertFalse(PrivilegeBits.getInstance(pb).isEmpty());
+            
+            pb = pb.nextBits();
+            mod.add(pb);
+            assertFalse(mod.isEmpty());
+        }
+    }
+
+    //----------------------------------------------------------------< mod >---
+
+    public void testAdd() {
+        // empty
+        try {
+            PrivilegeBits.EMPTY.add(PrivilegeBits.EMPTY);
+            fail("UnsupportedOperation expected");
+        } catch (UnsupportedOperationException e) {
+            // success
+        }
+
+        // other privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+        for (int i = 0; i < 100; i++) {
+            try {
+                pb.add(PrivilegeBits.EMPTY);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            try {
+                pb.add(mod);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            PrivilegeBits nxt = pb.nextBits();
+            try {
+                pb.add(nxt);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            long before = mod.longValue();
+            long nxtLong = nxt.longValue();
+
+            mod.add(nxt);
+            if (nxt.longValue() != 0) {
+                assertEquals(before | nxtLong, mod.longValue());
+            }
+            assertTrue(mod.includes(nxt));
+
+            PrivilegeBits tmp = PrivilegeBits.getInstance(pb);
+            assertTrue(tmp.includes(pb));
+            assertFalse(tmp.includes(nxt));
+            if (READ_PRIVILEGE_BITS.equals(pb)) {
+                assertTrue(tmp.includesRead());            
+            } else {
+                assertFalse(tmp.includesRead());
+            }
+            tmp.add(nxt);
+            assertTrue(tmp.includes(pb) && tmp.includes(nxt));
+            if (READ_PRIVILEGE_BITS.equals(pb)) {
+                assertTrue(tmp.includesRead());
+                assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+            } else {
+                assertFalse(tmp.includesRead());
+                assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+            }
+            tmp.add(READ_PRIVILEGE_BITS);
+            assertTrue(tmp.includesRead());
+            assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+
+            pb = nxt;
+        }
+    }
+
+    public void testDiff() {
+        // empty
+        try {
+            PrivilegeBits.EMPTY.diff(PrivilegeBits.EMPTY);
+            fail("UnsupportedOperation expected");
+        } catch (UnsupportedOperationException e) {
+            // success
+        }
+
+        // other privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+        for (int i = 0; i < 100; i++) {
+            PrivilegeBits nxt = pb.nextBits();
+            try {
+                pb.diff(nxt);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            try {
+                pb.diff(mod);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            PrivilegeBits before = PrivilegeBits.getInstance(mod);
+            mod.diff(nxt);
+            assertEquals(before, mod);
+            mod.add(nxt);
+            assertFalse(before.equals(mod));
+            mod.diff(nxt);
+            assertEquals(before, mod);
+            mod.add(nxt);
+
+            // diff with same pb must leave original bits empty
+            PrivilegeBits tmp = PrivilegeBits.getInstance(pb);
+            tmp.add(nxt);
+            tmp.add(READ_PRIVILEGE_BITS);
+            tmp.diff(tmp);
+            assertEquals(nxt.toString(), PrivilegeBits.EMPTY, tmp);
+
+            tmp = PrivilegeBits.getInstance(pb);
+            tmp.add(nxt);
+            tmp.add(READ_PRIVILEGE_BITS);
+            tmp.diff(PrivilegeBits.getInstance(tmp));
+            assertEquals(nxt.toString(), PrivilegeBits.EMPTY, tmp);
+
+            // diff without intersection -> leave privilege unmodified.
+            tmp = PrivilegeBits.getInstance(pb);
+            tmp.diff(nxt);
+            assertEquals(PrivilegeBits.getInstance(pb), tmp);
+
+            // diff with intersection -> privilege must be modified accordingly.
+            tmp = PrivilegeBits.getInstance(nxt);
+            tmp.add(READ_PRIVILEGE_BITS);
+            assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+            assertTrue(tmp.includes(nxt));
+            tmp.diff(nxt);
+            assertEquals(READ_PRIVILEGE_BITS, tmp);
+            assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+            assertFalse(tmp.includes(nxt));
+
+            tmp = PrivilegeBits.getInstance(pb);
+            tmp.add(READ_PRIVILEGE_BITS);
+            PrivilegeBits tmp2 = PrivilegeBits.getInstance(pb);
+            tmp2.add(nxt);
+            PrivilegeBits tmp3 = PrivilegeBits.getInstance(tmp2);
+            assertEquals(tmp2, tmp3);
+            tmp.diff(tmp2);
+            if (READ_PRIVILEGE_BITS.equals(pb)) {
+                assertEquals(PrivilegeBits.EMPTY, tmp);
+            } else {
+                assertEquals(READ_PRIVILEGE_BITS, tmp);               
+            }
+            // but pb passed to the diff call must not be modified.
+            assertEquals(tmp3, tmp2);
+
+            pb = nxt;
+        }
+    }
+        
+    public void testAddDifference() {
+        // empty
+        try {
+            PrivilegeBits.EMPTY.addDifference(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY);
+            fail("UnsupportedOperation expected");
+        } catch (UnsupportedOperationException e) {
+            // success
+        }
+
+        // other privilege bits
+        PrivilegeBits pb = READ_PRIVILEGE_BITS;
+        PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+        for (int i = 0; i < 100; i++) {
+            PrivilegeBits nxt = pb.nextBits();
+            try {
+                pb.addDifference(nxt, mod);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            try {
+                pb.addDifference(nxt, READ_PRIVILEGE_BITS);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+
+            PrivilegeBits tmp = PrivilegeBits.getInstance(mod);
+            tmp.addDifference(nxt, READ_PRIVILEGE_BITS);
+            mod.add(nxt);
+            assertEquals(mod, tmp); // since there is diff(nxt, read) results in nxt
+
+            if (!pb.equals(READ_PRIVILEGE_BITS)) {
+                tmp = PrivilegeBits.getInstance(nxt);
+                PrivilegeBits mod2 = PrivilegeBits.getInstance(mod);
+                tmp.addDifference(mod2, READ_PRIVILEGE_BITS);
+                assertFalse(nxt.equals(tmp));  // tmp should be modified by addDifference call.
+                assertEquals(mod2, mod);       // mod2 should not be modified here
+                assertTrue(tmp.includes(pb));
+                assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+                assertFalse(tmp.includes(mod));
+            }
+
+            tmp = PrivilegeBits.getInstance(nxt);
+            PrivilegeBits mod2 = PrivilegeBits.getInstance(mod);
+            tmp.addDifference(READ_PRIVILEGE_BITS, mod2);
+            assertEquals(nxt, tmp);  // tmp not modified by addDifference call.
+            assertEquals(mod2, mod); // mod2 should not be modified here
+            assertFalse(tmp.includes(pb));
+            assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+            assertFalse(tmp.includes(mod));
+
+            tmp = PrivilegeBits.getInstance(nxt);
+            tmp.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+            assertEquals(nxt, tmp);  // tmp not modified by addDifference call.
+            assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+
+            tmp = PrivilegeBits.getInstance(mod);
+            tmp.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+            assertEquals(mod, tmp);  // tmp not modified by addDifference call.
+            assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+
+            pb = nxt;
+        }
+    }
+
+    //------------------------------------------------------------< general >---
+    public void testGetInstance() {
+        PrivilegeBits pb = PrivilegeBits.getInstance();
+        assertEquals(PrivilegeBits.EMPTY, pb);
+        assertNotSame(PrivilegeBits.EMPTY, pb);
+        assertNotSame(pb, pb.unmodifiable());        
+        pb.add(READ_PRIVILEGE_BITS);
+        pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+        pb.diff(READ_PRIVILEGE_BITS);
+
+        pb = PrivilegeBits.getInstance(PrivilegeBits.EMPTY);
+        assertEquals(PrivilegeBits.EMPTY, pb);
+        assertNotSame(PrivilegeBits.EMPTY, pb);
+        assertNotSame(pb, pb.unmodifiable());
+        pb.add(READ_PRIVILEGE_BITS);
+        pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+        pb.diff(READ_PRIVILEGE_BITS);
+
+        pb = PrivilegeBits.getInstance(READ_PRIVILEGE_BITS);
+        assertEquals(READ_PRIVILEGE_BITS, pb);
+        assertNotSame(READ_PRIVILEGE_BITS, pb);
+        assertNotSame(pb, pb.unmodifiable());
+        pb.add(READ_PRIVILEGE_BITS);
+        pb.addDifference(READ_PRIVILEGE_BITS, PrivilegeBits.EMPTY);
+        pb.diff(READ_PRIVILEGE_BITS);
+
+        pb = PrivilegeBits.getInstance(PrivilegeRegistry.NO_PRIVILEGE);
+        assertEquals(pb, PrivilegeBits.EMPTY);
+        assertSame(pb, PrivilegeBits.EMPTY);
+        assertSame(pb, pb.unmodifiable());
+        try {
+            pb.add(READ_PRIVILEGE_BITS);
+            fail("UnsupportedOperation expected");
+        } catch (UnsupportedOperationException e) {
+            // success
+        }
+        try {
+            pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+            fail("UnsupportedOperation expected");
+        } catch (UnsupportedOperationException e) {
+            // success
+        }
+        try {
+            pb.diff(READ_PRIVILEGE_BITS);
+            fail("UnsupportedOperation expected");
+        } catch (UnsupportedOperationException e) {
+            // success
+        }
+
+        try {
+            PrivilegeBits.getInstance(-1);
+            fail();
+        } catch (IllegalArgumentException e) {
+            // success.
+        }
+
+        PrivilegeBits bts = PrivilegeBits.getInstance(PrivilegeRegistry.NO_PRIVILEGE);
+        assertSame(PrivilegeBits.EMPTY, bts);
+        
+        for (long l : LONGS) {
+            pb = PrivilegeBits.getInstance(l);
+            assertEquals(pb, PrivilegeBits.getInstance(l));
+            assertNotSame(pb, PrivilegeBits.getInstance(l));
+            assertSame(pb, pb.unmodifiable());
+
+            assertEquals(pb, PrivilegeBits.getInstance(pb));
+            assertEquals(PrivilegeBits.getInstance(pb), pb);
+            assertNotSame(pb, PrivilegeBits.getInstance(pb));
+
+            try {
+                pb.add(READ_PRIVILEGE_BITS);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+            try {
+                pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+            try {
+                pb.diff(READ_PRIVILEGE_BITS);
+                fail("UnsupportedOperation expected");
+            } catch (UnsupportedOperationException e) {
+                // success
+            }
+        }
+
+    }
+}
\ No newline at end of file

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision Rev URL

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java Fri Apr 15 14:34:45 2011
@@ -104,21 +104,16 @@ public class PrivilegeManagerImplTest ex
         assertPrivilege(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE), PrivilegeRegistry.REP_WRITE, true, false);
     }
 
-    public void testIsCustom() throws RepositoryException {
-        for (Privilege builtin : privilegeMgr.getRegisteredPrivileges()) {
-            assertFalse(getPrivilegeManagerImpl().isCustomPrivilege(builtin));
-        }
-    }
-
     public void testGetBits() throws RepositoryException {
         Privilege p1 = privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES);
         Privilege p2 = privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES);
         Privilege[] privs = new Privilege[] {p1, p2};
 
-        int bits = getPrivilegeManagerImpl().getBits(privs);
-        assertTrue(bits > PrivilegeRegistry.NO_PRIVILEGE);
-        assertTrue(bits == (getPrivilegeManagerImpl().getBits(p1) |
-                getPrivilegeManagerImpl().getBits(p2)));
+        PrivilegeBits bits = getPrivilegeManagerImpl().getBits(privs);
+        assertFalse(bits.isEmpty());
+        PrivilegeBits other = getPrivilegeManagerImpl().getBits(p1);
+        other.add(getPrivilegeManagerImpl().getBits(p2));
+        assertEquals(bits, other);
     }
 
     public void testGetBitsFromCustomPrivilege() throws AccessControlException {
@@ -200,7 +195,7 @@ public class PrivilegeManagerImplTest ex
                 Privilege.JCR_REMOVE_NODE,
                 Privilege.JCR_MODIFY_PROPERTIES
         };
-        int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+        PrivilegeBits writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
         Set<Privilege> pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
 
         assertTrue(pvs != null);
@@ -215,7 +210,7 @@ public class PrivilegeManagerImplTest ex
         String[] names = new String[] {
                 PrivilegeRegistry.REP_WRITE
         };
-        int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+        PrivilegeBits writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
         Set<Privilege> pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
 
         assertTrue(pvs != null);
@@ -244,7 +239,7 @@ public class PrivilegeManagerImplTest ex
                 PrivilegeRegistry.REP_WRITE,
                 Privilege.JCR_LIFECYCLE_MANAGEMENT
         };
-        int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+        PrivilegeBits writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
         Set<Privilege> pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
 
         assertTrue(pvs != null);

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java Fri Apr 15 14:34:45 2011
@@ -46,10 +46,6 @@ public class PrivilegeRegistryTest exten
         privilegeRegistry = new PrivilegeRegistry(resolver);
     }
 
-    private int getBits(PrivilegeRegistry.Definition def) {
-        return privilegeRegistry.getBits(new PrivilegeRegistry.Definition[] {def});
-    }
-
     public void testGetAll() throws RepositoryException {
 
         PrivilegeRegistry.Definition[] defs = privilegeRegistry.getAll();
@@ -93,7 +89,7 @@ public class PrivilegeRegistryTest exten
             assertTrue(d.declaredAggregateNames.containsAll(l));
             assertTrue(l.containsAll(d.declaredAggregateNames));
 
-            assertTrue(getBits(d) > PrivilegeRegistry.NO_PRIVILEGE);
+            assertFalse(d.getBits().isEmpty());
         }
     }
 
@@ -108,7 +104,7 @@ public class PrivilegeRegistryTest exten
             for (Name n : l) {
                 PrivilegeRegistry.Definition d = privilegeRegistry.get(n);
                 assertNotNull(d);
-                Name[] names = privilegeRegistry.getNames(getBits(d));
+                Name[] names = privilegeRegistry.getNames(d.getBits());
                 assertNotNull(names);
                 assertEquals(1, names.length);
                 assertEquals(d.name, names[0]);
@@ -131,7 +127,7 @@ public class PrivilegeRegistryTest exten
             assertTrue(def.declaredAggregateNames.containsAll(l));
             assertTrue(l.containsAll(def.declaredAggregateNames));
 
-            assertTrue(getBits(def) > PrivilegeRegistry.NO_PRIVILEGE);
+            assertFalse(def.getBits().isEmpty());
         }
     }
 
@@ -315,7 +311,8 @@ public class PrivilegeRegistryTest exten
     }
 
     public void testGetPrivilegesFromBits() throws RepositoryException {
-        Privilege[] pvs = privilegeRegistry.getPrivileges(PrivilegeRegistry.getBits(privilegesFromNames(new String[] {Privilege.JCR_READ_ACCESS_CONTROL})));
+        int bits = PrivilegeRegistry.getBits(privilegesFromNames(new String[] {Privilege.JCR_READ_ACCESS_CONTROL}));
+        Privilege[] pvs = privilegeRegistry.getPrivileges(bits);
 
         assertTrue(pvs != null);
         assertTrue(pvs.length == 1);

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java Fri Apr 15 14:34:45 2011
@@ -38,6 +38,7 @@ public class TestAll extends TestCase {
         suite.addTestSuite(PrivilegeRegistryTest.class);
         suite.addTestSuite(PrivilegeManagerImplTest.class);
         suite.addTestSuite(CustomPrivilegeTest.class);
+        suite.addTestSuite(PrivilegeBitsTest.class);
         suite.addTestSuite(JackrabbitAccessControlListTest.class);
         suite.addTestSuite(GlobPatternTest.class);
         suite.addTestSuite(PermissionTest.class);

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java Fri Apr 15 14:34:45 2011
@@ -23,6 +23,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.principal.PrincipalManager;
 import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.core.security.authorization.AbstractACLTemplateTest;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeBits;
 import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
 import org.apache.jackrabbit.core.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.test.NotExecutableException;
@@ -36,7 +37,9 @@ import java.security.Principal;
 import java.security.acl.Group;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.Map;
+import java.util.Set;
 
 /**
  * <code>ACLTemplateTest</code>...
@@ -107,25 +110,31 @@ public class ACLTemplateTest extends Abs
     }
 
     public void testMultipleEntryEffect2() throws RepositoryException, NotExecutableException {
-        Privilege[] privileges = privilegesFromName(PrivilegeRegistry.REP_WRITE);
+        Privilege repwrite = getAccessControlManager(superuser).privilegeFromName(PrivilegeRegistry.REP_WRITE);
+
         JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
-        pt.addAccessControlEntry(testPrincipal, privileges);
+        pt.addAccessControlEntry(testPrincipal, new Privilege[] {repwrite});
 
         // add deny entry for mod_props
-        Privilege[] privileges2 = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
-        assertTrue(pt.addEntry(testPrincipal, privileges2, false, null));
+        Privilege modProperties = getAccessControlManager(superuser).privilegeFromName(Privilege.JCR_MODIFY_PROPERTIES);
+        assertTrue(pt.addEntry(testPrincipal, new Privilege[] {modProperties}, false, null));
 
         // net-effect: 2 entries with the allow entry being adjusted
         assertTrue(pt.size() == 2);
         AccessControlEntry[] entries = pt.getAccessControlEntries();
         for (AccessControlEntry entry1 : entries) {
             ACLTemplate.Entry entry = (ACLTemplate.Entry) entry1;
-            int privs = entry.getPrivilegeBits();
+            PrivilegeBits privs = entry.getPrivilegeBits();
             if (entry.isAllow()) {
-                int bits = privilegeMgr.getBits(privileges) ^ privilegeMgr.getBits(privileges2);
+                Privilege[] result = privilegesFromNames(new String[] {
+                        Privilege.JCR_ADD_CHILD_NODES,
+                        Privilege.JCR_NODE_TYPE_MANAGEMENT,
+                        Privilege.JCR_REMOVE_CHILD_NODES,
+                        Privilege.JCR_REMOVE_NODE});    
+                PrivilegeBits bits = privilegeMgr.getBits(result);
                 assertEquals(privs, bits);
             } else {
-                assertEquals(privs, privilegeMgr.getBits(privileges2));
+                assertEquals(privs, privilegeMgr.getBits(modProperties));
             }
         }
     }



Mime
View raw message