jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1399580 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/ oa...
Date Thu, 18 Oct 2012 11:11:00 GMT
Author: angela
Date: Thu Oct 18 11:10:59 2012
New Revision: 1399580

URL: http://svn.apache.org/viewvc?rev=1399580&view=rev
Log:
OAK-90 : Implement Principal Management (WIP)
OAK-50 : User Management (WIP)

Added:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
    jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Thu Oct 18 11:10:59 2012
@@ -38,9 +38,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.MembershipProvider;
 import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserProvider;
 import org.apache.jackrabbit.oak.spi.state.NodeStore;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -120,10 +118,7 @@ public class SecurityProviderImpl implem
             @Nonnull
             @Override
             public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper)
{
-                UserConfiguration userConfiguration = getUserConfiguration();
-                UserProvider userProvider = userConfiguration.getUserProvider(root);
-                MembershipProvider msProvider = userConfiguration.getMembershipProvider(root);
-                return new PrincipalProviderImpl(userProvider, msProvider, namePathMapper);
+                return new PrincipalProviderImpl(root, getUserConfiguration(), namePathMapper);
             }
         };
     }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java
Thu Oct 18 11:10:59 2012
@@ -41,11 +41,21 @@ class AccessControlContextImpl implement
     @Override
     public CompiledPermissions getPermissions() {
         Set<Principal> principals = subject.getPrincipals();
-        if (principals.contains(AdminPrincipal.INSTANCE)) {
+        if (isAdmin(principals)) {
             return AllPermissions.getInstance();
         } else {
             // TODO: replace with permissions based on ac evaluation
             return new CompiledPermissionImpl(principals);
         }
     }
+
+    //--------------------------------------------------------------------------
+    private static boolean isAdmin(Set<Principal> principals) {
+        for (Principal principal : principals) {
+            if (principal instanceof AdminPrincipal) {
+                return true;
+            }
+        }
+        return false;
+    }
 }

Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java?rev=1399580&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java
(added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java
Thu Oct 18 11:10:59 2012
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.principal;
+
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.namepath.PathMapper;
+import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
+
+/**
+ * AdminPrincipalImpl... TODO
+ */
+public class AdminPrincipalImpl extends TreeBasedPrincipal implements AdminPrincipal {
+
+    public AdminPrincipalImpl(Tree tree, PathMapper pathMapper) {
+        super(tree, pathMapper);
+    }
+
+    public AdminPrincipalImpl(String principalName, Tree tree, PathMapper pathMapper) {
+        super(principalName, tree, pathMapper);
+    }
+}
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
Thu Oct 18 11:10:59 2012
@@ -29,14 +29,15 @@ import com.google.common.base.Function;
 import com.google.common.base.Predicates;
 import com.google.common.collect.Iterators;
 import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.api.Tree;
 import org.apache.jackrabbit.oak.namepath.PathMapper;
-import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
 import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
 import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
 import org.apache.jackrabbit.oak.spi.security.user.MembershipProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.UserProvider;
 import org.slf4j.Logger;
@@ -58,11 +59,11 @@ public class PrincipalProviderImpl imple
     private final MembershipProvider membershipProvider;
     private final PathMapper pathMapper;
 
-    public PrincipalProviderImpl(UserProvider userProvider,
-                                 MembershipProvider membershipProvider,
+    public PrincipalProviderImpl(Root root,
+                                 UserConfiguration userConfiguration,
                                  PathMapper pathMapper) {
-        this.userProvider = userProvider;
-        this.membershipProvider = membershipProvider;
+        this.userProvider = userConfiguration.getUserProvider(root);
+        this.membershipProvider = userConfiguration.getMembershipProvider(root);
         this.pathMapper = pathMapper;
     }
 
@@ -99,12 +100,15 @@ public class PrincipalProviderImpl imple
         Tree userTree = userProvider.getAuthorizable(userID, AuthorizableType.USER);
         if (userTree != null) {
             principals = new HashSet<Principal>();
-            Principal userPrincipal = new TreeBasedPrincipal(userTree, pathMapper);
-            principals.add(userPrincipal);
-            principals.addAll(getGroupMembership(userPrincipal));
+            Principal userPrincipal;
             if (userProvider.isAdminUser(userTree)) {
-                principals.add(AdminPrincipal.INSTANCE);
+                userPrincipal = new AdminPrincipalImpl(userTree, pathMapper);
+            } else {
+                userPrincipal = new TreeBasedPrincipal(userTree, pathMapper);
             }
+            principals.add(userPrincipal);
+            principals.addAll(getGroupMembership(userPrincipal));
+
         } else {
             principals = Collections.emptySet();
         }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
Thu Oct 18 11:10:59 2012
@@ -285,19 +285,6 @@ abstract class AuthorizableImpl implemen
     }
 
     //--------------------------------------------------------------------------
-    /**
-     * @return The node associated with this authorizable instance.
-     * @throws javax.jcr.RepositoryException
-     */
-    @Nonnull
-    Node getNode() throws RepositoryException {
-        if (node == null) {
-            String jcrPath = userManager.getNamePathMapper().getJcrPath(getTree().getPath());
-            node = userManager.getSession().getNode(jcrPath);
-        }
-        return node;
-    }
-
     @Nonnull
     Tree getTree() {
         Tree tree = getUserProvider().getAuthorizable(id);
@@ -347,6 +334,18 @@ abstract class AuthorizableImpl implemen
     }
 
     /**
+     * @return The node associated with this authorizable instance.
+     * @throws javax.jcr.RepositoryException
+     */
+    @Nonnull
+    private Node getNode() throws RepositoryException {
+        if (node == null) {
+            node = userManager.getAuthorizableNode(getTree().getPath());
+        }
+        return node;
+    }
+
+    /**
      * Returns true if the given property of the authorizable node is one of the
      * non-protected properties defined by the rep:Authorizable node type or a
      * some other descendant of the authorizable node.

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java
Thu Oct 18 11:10:59 2012
@@ -204,7 +204,7 @@ class ImpersonationImpl implements Imper
     }
 
     private boolean isAdmin(Principal principal) {
-        if (principal == AdminPrincipal.INSTANCE) {
+        if (principal instanceof AdminPrincipal) {
             return true;
         } else if (principal instanceof Group) {
             return false;

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java
Thu Oct 18 11:10:59 2012
@@ -24,9 +24,10 @@ import javax.jcr.UnsupportedRepositoryOp
 import org.apache.jackrabbit.api.security.user.Impersonation;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.security.principal.AdminPrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
-import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
 import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
+import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -40,8 +41,11 @@ class UserImpl extends AuthorizableImpl 
      */
     private static final Logger log = LoggerFactory.getLogger(UserImpl.class);
 
+    private final boolean isAdmin;
+
     UserImpl(String id, Tree tree, UserManagerImpl userManager) throws RepositoryException
{
         super(id, tree, userManager);
+        isAdmin = userManager.getUserProvider().isAdminUser(tree);
     }
 
     void checkValidTree(Tree tree) throws RepositoryException {
@@ -66,7 +70,11 @@ class UserImpl extends AuthorizableImpl 
     public Principal getPrincipal() throws RepositoryException {
         Tree userTree = getTree();
         String principalName = getUserProvider().getPrincipalName(userTree);
-        return new TreeBasedPrincipal(principalName, userTree, getUserManager().getNamePathMapper());
+        if (isAdmin()) {
+            return new AdminPrincipalImpl(principalName, userTree, getUserManager().getNamePathMapper());
+        } else {
+            return new TreeBasedPrincipal(principalName, userTree, getUserManager().getNamePathMapper());
+        }
     }
 
     //---------------------------------------------------------------< User >---
@@ -75,7 +83,7 @@ class UserImpl extends AuthorizableImpl 
      */
     @Override
     public boolean isAdmin() {
-        return getUserProvider().isAdminUser(getTree());
+        return isAdmin;
     }
 
     /**

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
Thu Oct 18 11:10:59 2012
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.securi
 import java.security.Principal;
 import java.util.Iterator;
 import javax.annotation.CheckForNull;
+import javax.jcr.Node;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.UnsupportedRepositoryOperationException;
@@ -239,7 +240,7 @@ public class UserManagerImpl implements 
      */
     void onCreate(User user, String password) throws RepositoryException {
         for (AuthorizableAction action : getAuthorizableActions()) {
-            action.onCreate(user, password, getSession());
+            action.onCreate(user, password, session);
         }
     }
 
@@ -253,7 +254,7 @@ public class UserManagerImpl implements 
      */
     void onCreate(Group group) throws RepositoryException {
         for (AuthorizableAction action : getAuthorizableActions()) {
-            action.onCreate(group, getSession());
+            action.onCreate(group, session);
         }
     }
 
@@ -267,7 +268,7 @@ public class UserManagerImpl implements 
      */
     void onRemove(Authorizable authorizable) throws RepositoryException {
         for (AuthorizableAction action : getAuthorizableActions()) {
-            action.onRemove(authorizable, getSession());
+            action.onRemove(authorizable, session);
         }
     }
 
@@ -282,7 +283,7 @@ public class UserManagerImpl implements 
      */
     void onPasswordChange(User user, String password) throws RepositoryException {
         for (AuthorizableAction action : getAuthorizableActions()) {
-            action.onPasswordChange(user, password, getSession());
+            action.onPasswordChange(user, password, session);
         }
     }
 
@@ -292,8 +293,9 @@ public class UserManagerImpl implements 
 
     //--------------------------------------------------------------------------
 
-    Session getSession() {
-        return session;
+    Node getAuthorizableNode(String oakPath) throws RepositoryException {
+        String jcrPath = getNamePathMapper().getJcrPath(oakPath);
+        return session.getNode(jcrPath);
     }
 
     NamePathMapper getNamePathMapper() {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
Thu Oct 18 11:10:59 2012
@@ -24,23 +24,6 @@ import java.security.Principal;
  * special (admin) access permissions. It may be used as the single or as
  * additional non-group principal.
  */
-public final class AdminPrincipal implements Principal {
+public interface AdminPrincipal extends Principal {
 
-    public static final String NAME = "administrator";
-
-    public static final Principal INSTANCE = new AdminPrincipal();
-
-    private AdminPrincipal() { }
-
-    //----------------------------------------------------------< Principal >---
-    @Override
-    public String getName() {
-        return NAME;
-    }
-
-    //-------------------------------------------------------------< Object >---
-    @Override
-    public String toString() {
-        return NAME + " principal";
-    }
 }

Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java?rev=1399580&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
(added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
Thu Oct 18 11:10:59 2012
@@ -0,0 +1,81 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.principal;
+
+import java.security.Principal;
+import java.util.Set;
+
+import org.apache.jackrabbit.oak.AbstractOakTest;
+import org.apache.jackrabbit.oak.Oak;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexHook;
+import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.junit.Before;
+import org.junit.Test;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+/**
+ * PrincipalProviderImplTest...
+ */
+public class PrincipalProviderImplTest extends AbstractOakTest {
+
+    private SecurityProvider securityProvider = new SecurityProviderImpl();
+    private ContentSession admin;
+    private PrincipalProviderImpl principalProvider;
+
+    @Before
+    public void before() throws Exception {
+        super.before();
+
+        admin = createAdminSession();
+        Root root = admin.getLatestRoot();
+        principalProvider = new PrincipalProviderImpl(root, securityProvider.getUserConfiguration(),
NamePathMapper.DEFAULT);
+    }
+
+    @Override
+    protected ContentRepository createRepository() {
+        return new Oak(createMicroKernelWithInitialContent()).with(new PropertyIndexHook()).with(securityProvider).createContentRepository();
+    }
+
+    @Test
+    public void testGetPrincipals() throws Exception {
+        String adminId = admin.getAuthInfo().getUserID();
+        Set<? extends Principal> principals = principalProvider.getPrincipals(adminId);
+
+        assertNotNull(principals);
+        assertFalse(principals.isEmpty());
+        assertTrue(principals.contains(EveryonePrincipal.getInstance()));
+
+        boolean containsAdminPrincipal = false;
+        for (Principal principal : principals) {
+            assertNotNull(principalProvider.getPrincipal(principal.getName()));
+            if (principal instanceof AdminPrincipal) {
+                containsAdminPrincipal = true;
+            }
+        }
+        assertTrue(containsAdminPrincipal);
+    }
+}
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java
(original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java
Thu Oct 18 11:10:59 2012
@@ -102,7 +102,12 @@ public class ImpersonationTest extends A
 
     public void testAdminPrincipalAsImpersonator() throws RepositoryException, NotExecutableException
{
 
-        Principal adminPrincipal = AdminPrincipal.INSTANCE;
+        Principal adminPrincipal = new AdminPrincipal() {
+            @Override
+            public String getName() {
+                return "some-admin-name";
+            }
+        };
 
         // admin cannot be add/remove to set of impersonators of 'u' but is
         // always allowed to impersonate that user.



Mime
View raw message