jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1406225 [2/2] - in /jackrabbit/oak/trunk: oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak...
Date Tue, 06 Nov 2012 17:12:35 GMT
Added: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizablePropertyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizablePropertyTest.java?rev=1406225&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizablePropertyTest.java (added)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizablePropertyTest.java Tue Nov  6 17:12:34 2012
@@ -0,0 +1,603 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.jcr.security.user;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import javax.jcr.Node;
+import javax.jcr.Property;
+import javax.jcr.PropertyIterator;
+import javax.jcr.PropertyType;
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import javax.jcr.nodetype.ConstraintViolationException;
+
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.test.NotExecutableException;
+import org.apache.jackrabbit.util.Text;
+import org.apache.jackrabbit.value.StringValue;
+import org.junit.Test;
+
+/**
+ * AuthorizablePropertyTest...
+ */
+public class AuthorizablePropertyTest extends AbstractUserTest {
+
+    private Map<String, Boolean> protectedUserProps = new HashMap<String, Boolean>();
+    private Map<String, Boolean> protectedGroupProps = new HashMap<String, Boolean>();
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+
+        protectedUserProps.put(UserConstants.REP_PASSWORD, false);
+        protectedUserProps.put(UserConstants.REP_IMPERSONATORS, true);
+        protectedUserProps.put(UserConstants.REP_PRINCIPAL_NAME, false);
+
+        protectedGroupProps.put(UserConstants.REP_MEMBERS, true);
+        protectedGroupProps.put(UserConstants.REP_PRINCIPAL_NAME, false);
+    }
+
+    private static void checkProtected(Property prop) throws RepositoryException {
+        assertTrue(prop.getDefinition().isProtected());
+    }
+
+    @Test
+    public void testSetProperty() throws NotExecutableException, RepositoryException {
+        String propName = "Fullname";
+        Value v = superuser.getValueFactory().createValue("Super User");
+        try {
+            user.setProperty(propName, v);
+            superuser.save();
+        } catch (RepositoryException e) {
+            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
+        }
+
+        try {
+            boolean found = false;
+            for (Iterator<String> it = user.getPropertyNames(); it.hasNext() && !found;) {
+                found = propName.equals(it.next());
+            }
+            assertTrue(found);
+
+            found = false;
+            for (Iterator<String> it = user.getPropertyNames("."); it.hasNext() && !found;) {
+                found = propName.equals(it.next());
+            }
+            assertTrue(found);
+
+            assertTrue(user.hasProperty(propName));
+            assertTrue(user.hasProperty("./" + propName));
+
+            assertTrue(user.getProperty(propName).length == 1);
+
+            assertEquals(v, user.getProperty(propName)[0]);
+            assertEquals(v, user.getProperty("./" + propName)[0]);
+
+            assertTrue(user.removeProperty(propName));
+            assertFalse(user.hasProperty(propName));
+
+            superuser.save();
+        } finally {
+            // try to remove the property again even if previous calls failed.
+            user.removeProperty(propName);
+            superuser.save();
+        }
+    }
+
+    @Test
+    public void testSetMultiValueProperty() throws NotExecutableException, RepositoryException {
+        String propName = "Fullname";
+        Value[] v = new Value[] {superuser.getValueFactory().createValue("Super User")};
+        try {
+            user.setProperty(propName, v);
+            superuser.save();
+        } catch (RepositoryException e) {
+            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
+        }
+
+        try {
+            boolean found = false;
+            for (Iterator<String> it = user.getPropertyNames(); it.hasNext() && !found;) {
+                found = propName.equals(it.next());
+            }
+            assertTrue(found);
+
+            found = false;
+            for (Iterator<String> it = user.getPropertyNames("."); it.hasNext() && !found;) {
+                found = propName.equals(it.next());
+            }
+            assertTrue(found);
+
+            assertTrue(user.hasProperty(propName));
+            assertTrue(user.hasProperty("./" + propName));
+
+            assertEquals(Arrays.asList(v), Arrays.asList(user.getProperty(propName)));
+            assertEquals(Arrays.asList(v), Arrays.asList(user.getProperty("./" + propName)));
+
+            assertTrue(user.removeProperty(propName));
+            assertFalse(user.hasProperty(propName));
+
+            superuser.save();
+        } finally {
+            // try to remove the property again even if previous calls failed.
+            user.removeProperty(propName);
+            superuser.save();
+        }
+    }
+
+    @Test
+    public void testSetPropertyByRelPath() throws NotExecutableException, RepositoryException {
+        Value[] v = new Value[] {superuser.getValueFactory().createValue("Super User")};
+
+        List<String> relPaths = new ArrayList<String>();
+        relPaths.add("testing/Fullname");
+        relPaths.add("testing/Email");
+        relPaths.add("testing/testing/testing/Fullname");
+        relPaths.add("testing/testing/testing/Email");
+
+        for (String relPath : relPaths) {
+            try {
+                user.setProperty(relPath, v);
+                superuser.save();
+
+                assertTrue(user.hasProperty(relPath));
+                String propName = Text.getName(relPath);
+                assertFalse(user.hasProperty(propName));
+            } finally {
+                // try to remove the property even if previous calls failed.
+                user.removeProperty(relPath);
+                superuser.save();
+            }
+        }
+    }
+
+    @Test
+    public void testSetPropertyInvalidRelativePath() throws NotExecutableException, RepositoryException {
+        Value[] v = new Value[] {superuser.getValueFactory().createValue("Super User")};
+
+        List<String> invalidPaths = new ArrayList<String>();
+        // try setting outside of tree defined by the user.
+        invalidPaths.add("../testing/Fullname");
+        invalidPaths.add("../../testing/Fullname");
+        invalidPaths.add("testing/testing/../../../Fullname");
+        // try absolute path -> must fail
+        invalidPaths.add("/testing/Fullname");
+
+        for (String invalidRelPath : invalidPaths) {
+            try {
+                user.setProperty(invalidRelPath, v);
+                fail("Modifications outside of the scope of the authorizable must fail. Path was: " + invalidRelPath);
+            } catch (Exception e) {
+                // success.
+            } finally {
+                superuser.refresh(false);
+            }
+        }
+    }
+
+    @Test
+    public void testGetPropertyByInvalidRelativePath() throws NotExecutableException, RepositoryException {
+        List<String> wrongPaths = new ArrayList<String>();
+        wrongPaths.add("../jcr:primaryType");
+        wrongPaths.add("../../jcr:primaryType");
+        wrongPaths.add("../testing/jcr:primaryType");
+        for (String path : wrongPaths) {
+            assertNull(user.getProperty(path));
+        }
+
+        List<String> invalidPaths = new ArrayList<String>();
+        invalidPaths.add("/testing/jcr:primaryType");
+        invalidPaths.add("..");
+        invalidPaths.add(".");
+        invalidPaths.add(null);
+        for (String invalidPath : invalidPaths) {
+            try {
+                assertNull(user.getProperty(invalidPath));
+            } catch (Exception e) {
+                // success
+            }
+        }
+    }
+
+    @Test
+    public void testHasPropertyByInvalidRelativePath() throws NotExecutableException, RepositoryException {
+        List<String> wrongPaths = new ArrayList<String>();
+        wrongPaths.add("../jcr:primaryType");
+        wrongPaths.add("../../jcr:primaryType");
+        wrongPaths.add("../testing/jcr:primaryType");
+        for (String path : wrongPaths) {
+            assertFalse(user.hasProperty(path));
+        }
+
+
+        List<String> invalidPaths = new ArrayList<String>();
+        invalidPaths.add("..");
+        invalidPaths.add(".");
+        invalidPaths.add(null);
+
+        for (String invalidPath : invalidPaths) {
+            try {
+                assertFalse(user.hasProperty(invalidPath));
+            } catch (Exception e) {
+                // success
+            }
+        }
+    }
+
+    @Test
+    public void testGetPropertyNames() throws NotExecutableException, RepositoryException {
+        String propName = "Fullname";
+        Value v = superuser.getValueFactory().createValue("Super User");
+        try {
+            user.setProperty(propName, v);
+            superuser.save();
+        } catch (RepositoryException e) {
+            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
+        }
+
+        try {
+            for (Iterator<String> it = user.getPropertyNames(); it.hasNext();) {
+                String name = it.next();
+                assertTrue(user.hasProperty(name));
+                assertNotNull(user.getProperty(name));
+            }
+        } finally {
+            // try to remove the property again even if previous calls failed.
+            user.removeProperty(propName);
+            superuser.save();
+        }
+    }
+
+    @Test
+    public void testGetPropertyNamesByRelPath() throws NotExecutableException, RepositoryException {
+        String relPath = "testing/Fullname";
+        Value v = superuser.getValueFactory().createValue("Super User");
+        try {
+            user.setProperty(relPath, v);
+            superuser.save();
+        } catch (RepositoryException e) {
+            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
+        }
+
+        try {
+            for (Iterator<String> it = user.getPropertyNames(); it.hasNext();) {
+                String name = it.next();
+                assertFalse("Fullname".equals(name));
+            }
+
+            for (Iterator<String> it = user.getPropertyNames("testing"); it.hasNext();) {
+                String name = it.next();
+                String rp = "testing/" + name;
+
+                assertFalse(user.hasProperty(name));
+                assertNull(user.getProperty(name));
+
+                assertTrue(user.hasProperty(rp));
+                assertNotNull(user.getProperty(rp));
+            }
+            for (Iterator<String> it = user.getPropertyNames("./testing"); it.hasNext();) {
+                String name = it.next();
+                String rp = "testing/" + name;
+
+                assertFalse(user.hasProperty(name));
+                assertNull(user.getProperty(name));
+
+                assertTrue(user.hasProperty(rp));
+                assertNotNull(user.getProperty(rp));
+            }
+        } finally {
+            // try to remove the property again even if previous calls failed.
+            user.removeProperty(relPath);
+            superuser.save();
+        }
+    }
+
+    @Test
+    public void testGetPropertyNamesByInvalidRelPath() throws NotExecutableException, RepositoryException {
+        List<String> invalidPaths = new ArrayList<String>();
+        invalidPaths.add("../");
+        invalidPaths.add("../../");
+        invalidPaths.add("../testing");
+        invalidPaths.add("/testing");
+        invalidPaths.add(null);
+
+        for (String invalidRelPath : invalidPaths) {
+            try {
+                user.getPropertyNames(invalidRelPath);
+                fail("Calling Authorizable#getPropertyNames with " + invalidRelPath + " must fail.");
+            } catch (Exception e) {
+                // success
+            }
+        }
+    }
+
+    @Test
+    public void testGetNotExistingProperty() throws RepositoryException, NotExecutableException {
+        String hint = "Fullname";
+        String propName = hint;
+        int i = 0;
+        while (user.hasProperty(propName)) {
+            propName = hint + i;
+            i++;
+        }
+        assertNull(user.getProperty(propName));
+        assertFalse(user.hasProperty(propName));
+    }
+
+    @Test
+    public void testRemoveNotExistingProperty() throws RepositoryException, NotExecutableException {
+        String hint = "Fullname";
+        String propName = hint;
+        int i = 0;
+        while (user.hasProperty(propName)) {
+            propName = hint + i;
+            i++;
+        }
+        assertFalse(user.removeProperty(propName));
+        superuser.save();
+    }
+
+    @Test
+    public void testSetSpecialProperties() throws NotExecutableException, RepositoryException {
+        Value v = superuser.getValueFactory().createValue("any_value");
+        for (String pName : protectedUserProps.keySet()) {
+            try {
+                boolean isMultiValued = protectedUserProps.get(pName);
+                if (isMultiValued) {
+                    user.setProperty(pName, new Value[] {v});
+                } else {
+                    user.setProperty(pName, v);
+                }
+                superuser.save();
+                fail("changing the '" + pName + "' property on a User should fail.");
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                superuser.refresh(false);
+            }
+        }
+
+        for (String pName : protectedGroupProps.keySet()) {
+            try {
+                boolean isMultiValued = protectedGroupProps.get(pName);
+                if (isMultiValued) {
+                    group.setProperty(pName, new Value[] {v});
+                } else {
+                    group.setProperty(pName, v);
+                }
+                superuser.save();
+                fail("changing the '" + pName + "' property on a Group should fail.");
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                superuser.refresh(false);
+            }
+        }
+    }
+
+    @Test
+    public void testRemoveSpecialProperties() throws NotExecutableException, RepositoryException {
+        for (String pName : protectedUserProps.keySet()) {
+            try {
+                if (user.removeProperty(pName)) {
+                    superuser.save();
+                    fail("removing the '" + pName + "' property on a User should fail.");
+                } // else: property not present: fine as well.
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                superuser.refresh(false);
+            }
+        }
+        for (String pName : protectedGroupProps.keySet()) {
+            try {
+                if (group.removeProperty(pName)) {
+                    superuser.save();
+                    fail("removing the '" + pName + "' property on a Group should fail.");
+                } // else: property not present. fine as well.
+            } catch (RepositoryException e) {
+                // success
+            } finally {
+                superuser.refresh(false);
+            }
+        }
+    }
+
+    @Test
+    public void testProtectedUserProperties() throws NotExecutableException, RepositoryException {
+        Node n = getNode(user, superuser);
+        if (n.hasProperty(UserConstants.REP_PASSWORD)) {
+            checkProtected(n.getProperty(UserConstants.REP_PASSWORD));
+        }
+        if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
+            checkProtected(n.getProperty(UserConstants.REP_PRINCIPAL_NAME));
+        }
+        if (n.hasProperty(UserConstants.REP_IMPERSONATORS)) {
+            checkProtected(n.getProperty(UserConstants.REP_IMPERSONATORS));
+        }
+    }
+
+    @Test
+    public void testProtectedGroupProperties() throws NotExecutableException, RepositoryException {
+        Node n = getNode(group, superuser);
+        if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
+            checkProtected(n.getProperty(UserConstants.REP_PRINCIPAL_NAME));
+        }
+        if (n.hasProperty(UserConstants.REP_MEMBERS)) {
+            checkProtected(n.getProperty(UserConstants.REP_MEMBERS));
+        }
+    }
+
+    @Test
+    public void testMembersPropertyType() throws NotExecutableException, RepositoryException {
+        Node n = getNode(group, superuser);
+        if (!n.hasProperty(UserConstants.REP_MEMBERS)) {
+            group.addMember(user);
+        }
+
+        Property p = n.getProperty(UserConstants.REP_MEMBERS);
+        for (Value v : p.getValues()) {
+            assertEquals(PropertyType.WEAKREFERENCE, v.getType());
+        }
+    }
+
+    @Test
+    public void testSetSpecialPropertiesDirectly() throws NotExecutableException, RepositoryException {
+        Node n = getNode(user, superuser);
+        try {
+            String pName = user.getPrincipal().getName();
+            n.setProperty(UserConstants.REP_PRINCIPAL_NAME, new StringValue("any-value"));
+
+            // should have failed => change value back.
+            n.setProperty(UserConstants.REP_PRINCIPAL_NAME, new StringValue(pName));
+            fail("Attempt to change protected property rep:principalName should fail.");
+        } catch (ConstraintViolationException e) {
+            // ok.
+        }
+
+        try {
+            String imperson = "anyimpersonator";
+            n.setProperty(
+                    UserConstants.REP_IMPERSONATORS,
+                    new Value[] {new StringValue(imperson)},
+                    PropertyType.STRING);
+            fail("Attempt to change protected property rep:impersonators should fail.");
+        } catch (ConstraintViolationException e) {
+            // ok.
+        }
+    }
+
+    @Test
+    public void testRemoveSpecialUserPropertiesDirectly() throws RepositoryException, NotExecutableException {
+        Node n = getNode(user, superuser);
+        try {
+            n.getProperty(UserConstants.REP_PASSWORD).remove();
+            fail("Attempt to remove protected property rep:password should fail.");
+        } catch (ConstraintViolationException e) {
+            // ok.
+        }
+        try {
+            if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
+                n.getProperty(UserConstants.REP_PRINCIPAL_NAME).remove();
+                fail("Attempt to remove protected property rep:principalName should fail.");
+            }
+        } catch (ConstraintViolationException e) {
+            // ok.
+        }
+    }
+
+    @Test
+    public void testRemoveSpecialGroupPropertiesDirectly() throws RepositoryException, NotExecutableException {
+        Node n = getNode(group, superuser);
+        try {
+            if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
+                n.getProperty(UserConstants.REP_PRINCIPAL_NAME).remove();
+                fail("Attempt to remove protected property rep:principalName should fail.");
+            }
+        } catch (ConstraintViolationException e) {
+            // ok.
+        }
+        try {
+            if (n.hasProperty(UserConstants.REP_MEMBERS)) {
+                n.getProperty(UserConstants.REP_MEMBERS).remove();
+                fail("Attempt to remove protected property rep:members should fail.");
+            }
+        } catch (ConstraintViolationException e) {
+            // ok.
+        }
+    }
+
+    @Test
+    public void testUserGetProperties() throws RepositoryException, NotExecutableException {
+        Node n = getNode(user, superuser);
+        for (PropertyIterator it = n.getProperties(); it.hasNext();) {
+            Property p = it.nextProperty();
+            if (p.getDefinition().isProtected()) {
+                assertFalse(user.hasProperty(p.getName()));
+                assertNull(user.getProperty(p.getName()));
+            } else {
+                // authorizable defined property
+                assertTrue(user.hasProperty(p.getName()));
+                assertNotNull(user.getProperty(p.getName()));
+            }
+        }
+    }
+
+    @Test
+    public void testGroupGetProperties() throws RepositoryException, NotExecutableException {
+        Node n = getNode(group, superuser);
+        for (PropertyIterator it = n.getProperties(); it.hasNext();) {
+            Property prop = it.nextProperty();
+            if (prop.getDefinition().isProtected()) {
+                assertFalse(group.hasProperty(prop.getName()));
+                assertNull(group.getProperty(prop.getName()));
+            } else {
+                // authorizable defined property
+                assertTrue(group.hasProperty(prop.getName()));
+                assertNotNull(group.getProperty(prop.getName()));
+            }
+        }
+    }
+
+    @Test
+    public void testSingleToMultiValued() throws Exception {
+        UserManager uMgr = getUserManager(superuser);
+        try {
+            Value v = superuser.getValueFactory().createValue("anyValue");
+            user.setProperty("someProp", v);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+            Value[] vs = new Value[] {v, v};
+            user.setProperty("someProp", vs);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        } finally {
+            if (user.removeProperty("someProp") && !uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        }
+    }
+
+    @Test
+    public void testMultiValuedToSingle() throws Exception {
+        UserManager uMgr = getUserManager(superuser);
+        try {
+            Value v = superuser.getValueFactory().createValue("anyValue");
+            Value[] vs = new Value[] {v, v};
+            user.setProperty("someProp", vs);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+            user.setProperty("someProp", v);
+            if (!uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        } finally {
+            if (user.removeProperty("someProp") && !uMgr.isAutoSave()) {
+                superuser.save();
+            }
+        }
+    }
+}
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizableTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizableTest.java?rev=1406225&r1=1406224&r2=1406225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizableTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizableTest.java Tue Nov  6 17:12:34 2012
@@ -17,31 +17,17 @@
 package org.apache.jackrabbit.oak.jcr.security.user;
 
 import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
 import java.util.Set;
-import javax.jcr.Node;
-import javax.jcr.Property;
-import javax.jcr.PropertyIterator;
-import javax.jcr.PropertyType;
 import javax.jcr.RepositoryException;
 import javax.jcr.UnsupportedRepositoryOperationException;
 import javax.jcr.Value;
-import javax.jcr.nodetype.ConstraintViolationException;
 
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.User;
-import org.apache.jackrabbit.api.security.user.UserManager;
-import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.test.NotExecutableException;
-import org.apache.jackrabbit.util.Text;
-import org.apache.jackrabbit.value.StringValue;
 import org.junit.Test;
 
 /**
@@ -49,339 +35,6 @@ import org.junit.Test;
  */
 public class AuthorizableTest extends AbstractUserTest {
 
-    private Map<String, Boolean> protectedUserProps = new HashMap<String, Boolean>();
-    private Map<String, Boolean> protectedGroupProps = new HashMap<String, Boolean>();
-
-    @Override
-    protected void setUp() throws Exception {
-        super.setUp();
-
-        protectedUserProps.put(UserConstants.REP_PASSWORD, false);
-        protectedUserProps.put(UserConstants.REP_IMPERSONATORS, true);
-        protectedUserProps.put(UserConstants.REP_PRINCIPAL_NAME, false);
-
-        protectedGroupProps.put(UserConstants.REP_MEMBERS, true);
-        protectedGroupProps.put(UserConstants.REP_PRINCIPAL_NAME, false);
-    }
-
-    private static void checkProtected(Property prop) throws RepositoryException {
-        assertTrue(prop.getDefinition().isProtected());
-    }
-
-    @Test
-    public void testSetProperty() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        String propName = "Fullname";
-        Value v = superuser.getValueFactory().createValue("Super User");
-        try {
-            auth.setProperty(propName, v);
-            superuser.save();
-        } catch (RepositoryException e) {
-            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
-        }
-
-        try {
-            boolean found = false;
-            for (Iterator<String> it = auth.getPropertyNames(); it.hasNext() && !found;) {
-                found = propName.equals(it.next());
-            }
-            assertTrue(found);
-
-            found = false;
-            for (Iterator<String> it = auth.getPropertyNames("."); it.hasNext() && !found;) {
-                found = propName.equals(it.next());
-            }
-            assertTrue(found);
-
-            assertTrue(auth.hasProperty(propName));
-            assertTrue(auth.hasProperty("./" + propName));
-            
-            assertTrue(auth.getProperty(propName).length == 1);
-
-            assertEquals(v, auth.getProperty(propName)[0]);
-            assertEquals(v, auth.getProperty("./" + propName)[0]);
-
-            assertTrue(auth.removeProperty(propName));
-            assertFalse(auth.hasProperty(propName));
-            
-            superuser.save();
-        } finally {
-            // try to remove the property again even if previous calls failed.
-            auth.removeProperty(propName);
-            superuser.save();
-        }
-    }
-
-    @Test
-    public void testSetMultiValueProperty() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        String propName = "Fullname";
-        Value[] v = new Value[] {superuser.getValueFactory().createValue("Super User")};
-        try {
-            auth.setProperty(propName, v);
-            superuser.save();
-        } catch (RepositoryException e) {
-            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
-        }
-
-        try {
-            boolean found = false;
-            for (Iterator<String> it = auth.getPropertyNames(); it.hasNext() && !found;) {
-                found = propName.equals(it.next());
-            }
-            assertTrue(found);
-
-            found = false;
-            for (Iterator<String> it = auth.getPropertyNames("."); it.hasNext() && !found;) {
-                found = propName.equals(it.next());
-            }
-            assertTrue(found);
-            
-            assertTrue(auth.hasProperty(propName));
-            assertTrue(auth.hasProperty("./" + propName));
-            
-            assertEquals(Arrays.asList(v), Arrays.asList(auth.getProperty(propName)));
-            assertEquals(Arrays.asList(v), Arrays.asList(auth.getProperty("./" + propName)));
-
-            assertTrue(auth.removeProperty(propName));
-            assertFalse(auth.hasProperty(propName));
-            
-            superuser.save();
-        } finally {
-            // try to remove the property again even if previous calls failed.
-            auth.removeProperty(propName);
-            superuser.save();
-        }
-    }
-
-    @Test
-    public void testSetPropertyByRelPath() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-        Value[] v = new Value[] {superuser.getValueFactory().createValue("Super User")};
-
-        List<String> relPaths = new ArrayList<String>();
-        relPaths.add("testing/Fullname");
-        relPaths.add("testing/Email");
-        relPaths.add("testing/testing/testing/Fullname");
-        relPaths.add("testing/testing/testing/Email");
-
-        for (String relPath : relPaths) {
-            try {
-                auth.setProperty(relPath, v);
-                superuser.save();
-
-                assertTrue(auth.hasProperty(relPath));
-                String propName = Text.getName(relPath);
-                assertFalse(auth.hasProperty(propName));
-            } finally {
-                // try to remove the property even if previous calls failed.
-                auth.removeProperty(relPath);
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
-    public void testSetPropertyInvalidRelativePath() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-        Value[] v = new Value[] {superuser.getValueFactory().createValue("Super User")};
-
-        List<String> invalidPaths = new ArrayList<String>();
-        // try setting outside of tree defined by the user.
-        invalidPaths.add("../testing/Fullname");
-        invalidPaths.add("../../testing/Fullname");
-        invalidPaths.add("testing/testing/../../../Fullname");
-        // try absolute path -> must fail
-        invalidPaths.add("/testing/Fullname");
-
-        for (String invalidRelPath : invalidPaths) {
-            try {
-                auth.setProperty(invalidRelPath, v);
-                fail("Modifications outside of the scope of the authorizable must fail. Path was: " + invalidRelPath);
-            } catch (Exception e) {
-                // success.
-            } finally {
-                superuser.refresh(false);
-            }
-        }
-    }
-
-    @Test
-    public void testGetPropertyByInvalidRelativePath() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        List<String> wrongPaths = new ArrayList<String>();
-        wrongPaths.add("../jcr:primaryType");
-        wrongPaths.add("../../jcr:primaryType");
-        wrongPaths.add("../testing/jcr:primaryType");
-        for (String path : wrongPaths) {
-            assertNull(auth.getProperty(path));
-        }
-
-        List<String> invalidPaths = new ArrayList<String>();
-        invalidPaths.add("/testing/jcr:primaryType");
-        invalidPaths.add("..");
-        invalidPaths.add(".");
-        invalidPaths.add(null);
-        for (String invalidPath : invalidPaths) {
-            try {
-                assertNull(auth.getProperty(invalidPath));
-            } catch (Exception e) {
-                // success
-            }
-        }
-    }
-
-    @Test
-    public void testHasPropertyByInvalidRelativePath() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        List<String> wrongPaths = new ArrayList<String>();
-        wrongPaths.add("../jcr:primaryType");
-        wrongPaths.add("../../jcr:primaryType");
-        wrongPaths.add("../testing/jcr:primaryType");
-        for (String path : wrongPaths) {
-            assertFalse(auth.hasProperty(path));
-        }
-
-
-        List<String> invalidPaths = new ArrayList<String>();
-        invalidPaths.add("..");
-        invalidPaths.add(".");
-        invalidPaths.add(null);
-
-        for (String invalidPath : invalidPaths) {
-            try {
-                assertFalse(auth.hasProperty(invalidPath));
-            } catch (Exception e) {
-                // success
-            }
-        }
-    }
-
-    @Test
-    public void testGetPropertyNames() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        String propName = "Fullname";
-        Value v = superuser.getValueFactory().createValue("Super User");
-        try {
-            auth.setProperty(propName, v);
-            superuser.save();
-        } catch (RepositoryException e) {
-            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
-        }
-
-        try {
-            for (Iterator<String> it = auth.getPropertyNames(); it.hasNext();) {
-                String name = it.next();
-                assertTrue(auth.hasProperty(name));
-                assertNotNull(auth.getProperty(name));
-            }
-        } finally {
-            // try to remove the property again even if previous calls failed.
-            auth.removeProperty(propName);
-            superuser.save();
-        }
-    }
-
-    @Test
-    public void testGetPropertyNamesByRelPath() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        String relPath = "testing/Fullname";
-        Value v = superuser.getValueFactory().createValue("Super User");
-        try {
-            auth.setProperty(relPath, v);
-            superuser.save();
-        } catch (RepositoryException e) {
-            throw new NotExecutableException("Cannot test 'Authorizable.setProperty'.");
-        }
-
-        try {
-            for (Iterator<String> it = auth.getPropertyNames(); it.hasNext();) {
-                String name = it.next();
-                assertFalse("Fullname".equals(name));
-            }
-
-            for (Iterator<String> it = auth.getPropertyNames("testing"); it.hasNext();) {
-                String name = it.next();
-                String rp = "testing/" + name;
-                
-                assertFalse(auth.hasProperty(name));
-                assertNull(auth.getProperty(name));
-
-                assertTrue(auth.hasProperty(rp));
-                assertNotNull(auth.getProperty(rp));
-            }
-            for (Iterator<String> it = auth.getPropertyNames("./testing"); it.hasNext();) {
-                String name = it.next();
-                String rp = "testing/" + name;
-
-                assertFalse(auth.hasProperty(name));
-                assertNull(auth.getProperty(name));
-
-                assertTrue(auth.hasProperty(rp));
-                assertNotNull(auth.getProperty(rp));
-            }
-        } finally {
-            // try to remove the property again even if previous calls failed.
-            auth.removeProperty(relPath);
-            superuser.save();
-        }
-    }
-
-    @Test
-    public void testGetPropertyNamesByInvalidRelPath() throws NotExecutableException, RepositoryException {
-        Authorizable auth = getTestUser(superuser);
-
-        List<String> invalidPaths = new ArrayList<String>();
-        invalidPaths.add("../");
-        invalidPaths.add("../../");
-        invalidPaths.add("../testing");
-        invalidPaths.add("/testing");
-        invalidPaths.add(null);
-
-        for (String invalidRelPath : invalidPaths) {
-            try {
-                auth.getPropertyNames(invalidRelPath);
-                fail("Calling Authorizable#getPropertyNames with " + invalidRelPath + " must fail.");
-            } catch (Exception e) {
-                // success
-            }
-        }
-    }
-
-    @Test
-    public void testGetNotExistingProperty() throws RepositoryException, NotExecutableException {
-        Authorizable auth = getTestUser(superuser);
-        String hint = "Fullname";
-        String propName = hint;
-        int i = 0;
-        while (auth.hasProperty(propName)) {
-            propName = hint + i;
-            i++;
-        }
-        assertNull(auth.getProperty(propName));
-        assertFalse(auth.hasProperty(propName));
-    }
-
-    @Test
-    public void testRemoveNotExistingProperty() throws RepositoryException, NotExecutableException {
-        Authorizable auth = getTestUser(superuser);
-        String hint = "Fullname";
-        String propName = hint;
-        int i = 0;
-        while (auth.hasProperty(propName)) {
-            propName = hint + i;
-            i++;
-        }
-        assertFalse(auth.removeProperty(propName));
-        superuser.save();
-    }
-
     /**
      * Removing an authorizable that is still listed as member of a group.
      * @throws javax.jcr.RepositoryException
@@ -422,262 +75,6 @@ public class AuthorizableTest extends Ab
     }
 
     @Test
-    public void testSetSpecialProperties() throws NotExecutableException, RepositoryException {
-        Value v = superuser.getValueFactory().createValue("any_value");
-
-        for (String pName : protectedUserProps.keySet()) {
-            try {
-                boolean isMultiValued = protectedUserProps.get(pName);
-                if (isMultiValued) {
-                    user.setProperty(pName, new Value[] {v});
-                } else {
-                    user.setProperty(pName, v);
-                }
-                superuser.save();
-                fail("changing the '" + pName + "' property on a User should fail.");
-            } catch (RepositoryException e) {
-                // success
-            } finally {
-                superuser.refresh(false);
-            }
-        }
-
-        for (String pName : protectedGroupProps.keySet()) {
-            try {
-                boolean isMultiValued = protectedGroupProps.get(pName);
-                if (isMultiValued) {
-                    group.setProperty(pName, new Value[] {v});
-                } else {
-                    group.setProperty(pName, v);
-                }
-                superuser.save();
-                fail("changing the '" + pName + "' property on a Group should fail.");
-            } catch (RepositoryException e) {
-                // success
-            } finally {
-                superuser.refresh(false);
-            }
-        }
-    }
-
-    @Test
-    public void testRemoveSpecialProperties() throws NotExecutableException, RepositoryException {
-        for (String pName : protectedUserProps.keySet()) {
-            try {
-                if (user.removeProperty(pName)) {
-                    superuser.save();
-                    fail("removing the '" + pName + "' property on a User should fail.");
-                } // else: property not present: fine as well.
-            } catch (RepositoryException e) {
-                // success
-            } finally {
-                superuser.refresh(false);
-            }
-        }
-        for (String pName : protectedGroupProps.keySet()) {
-            try {
-                if (group.removeProperty(pName)) {
-                    superuser.save();
-                    fail("removing the '" + pName + "' property on a Group should fail.");
-                } // else: property not present. fine as well.
-            } catch (RepositoryException e) {
-                // success
-            } finally {
-                superuser.refresh(false);
-            }
-        }
-    }
-
-    @Test
-    public void testProtectedUserProperties() throws NotExecutableException, RepositoryException {
-        User user = getTestUser(superuser);
-        Node n = getNode(user, superuser);
-
-        if (n.hasProperty(UserConstants.REP_PASSWORD)) {
-            checkProtected(n.getProperty(UserConstants.REP_PASSWORD));
-        }
-        if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
-            checkProtected(n.getProperty(UserConstants.REP_PRINCIPAL_NAME));
-        }
-        if (n.hasProperty(UserConstants.REP_IMPERSONATORS)) {
-           checkProtected(n.getProperty(UserConstants.REP_IMPERSONATORS));
-        }
-    }
-
-    @Test
-    public void testProtectedGroupProperties() throws NotExecutableException, RepositoryException {
-        Node n = getNode(group, superuser);
-
-        if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
-            checkProtected(n.getProperty(UserConstants.REP_PRINCIPAL_NAME));
-        }
-        if (n.hasProperty(UserConstants.REP_MEMBERS)) {
-            checkProtected(n.getProperty(UserConstants.REP_MEMBERS));
-        }
-    }
-
-    @Test
-    public void testMembersPropertyType() throws NotExecutableException, RepositoryException {
-        Node n = getNode(group, superuser);
-
-        if (!n.hasProperty(UserConstants.REP_MEMBERS)) {
-            group.addMember(getTestUser(superuser));
-        }
-
-        Property p = n.getProperty(UserConstants.REP_MEMBERS);
-        for (Value v : p.getValues()) {
-            assertEquals(PropertyType.WEAKREFERENCE, v.getType());
-        }
-    }
-
-    @Test
-    public void testSetSpecialPropertiesDirectly() throws NotExecutableException, RepositoryException {
-        Authorizable user = getTestUser(superuser);
-        Node n = getNode(user, superuser);
-        try {
-            String pName = user.getPrincipal().getName();
-            n.setProperty(UserConstants.REP_PRINCIPAL_NAME, new StringValue("any-value"));
-
-            // should have failed => change value back.
-            n.setProperty(UserConstants.REP_PRINCIPAL_NAME, new StringValue(pName));
-            fail("Attempt to change protected property rep:principalName should fail.");
-        } catch (ConstraintViolationException e) {
-            // ok.
-        }
-
-        try {
-            String imperson = "anyimpersonator";
-            n.setProperty(
-                    UserConstants.REP_IMPERSONATORS,
-                    new Value[] {new StringValue(imperson)},
-                    PropertyType.STRING);
-            fail("Attempt to change protected property rep:impersonators should fail.");
-        } catch (ConstraintViolationException e) {
-            // ok.
-        }
-    }
-
-    @Test
-    public void testRemoveSpecialUserPropertiesDirectly() throws RepositoryException, NotExecutableException {
-        Authorizable g = getTestUser(superuser);
-        Node n = getNode(g, superuser);
-        try {
-            n.getProperty(UserConstants.REP_PASSWORD).remove();
-            fail("Attempt to remove protected property rep:password should fail.");
-        } catch (ConstraintViolationException e) {
-            // ok.
-        }
-        try {
-            if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
-                n.getProperty(UserConstants.REP_PRINCIPAL_NAME).remove();
-                fail("Attempt to remove protected property rep:principalName should fail.");
-            }
-        } catch (ConstraintViolationException e) {
-            // ok.
-        }
-    }
-
-    @Test
-    public void testRemoveSpecialGroupPropertiesDirectly() throws RepositoryException, NotExecutableException {
-        Node n = getNode(group, superuser);
-        try {
-            if (n.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
-                n.getProperty(UserConstants.REP_PRINCIPAL_NAME).remove();
-                fail("Attempt to remove protected property rep:principalName should fail.");
-            }
-        } catch (ConstraintViolationException e) {
-            // ok.
-        }
-        try {
-            if (n.hasProperty(UserConstants.REP_MEMBERS)) {
-                n.getProperty(UserConstants.REP_MEMBERS).remove();
-                fail("Attempt to remove protected property rep:members should fail.");
-            }
-        } catch (ConstraintViolationException e) {
-            // ok.
-        }
-    }
-
-    @Test
-    public void testUserGetProperties() throws RepositoryException, NotExecutableException {
-        Authorizable user = getTestUser(superuser);
-        Node n = getNode(user, superuser);
-
-        for (PropertyIterator it = n.getProperties(); it.hasNext();) {
-            Property p = it.nextProperty();
-            if (p.getDefinition().isProtected()) {
-                assertFalse(user.hasProperty(p.getName()));
-                assertNull(user.getProperty(p.getName()));
-            } else {
-                // authorizable defined property
-                assertTrue(user.hasProperty(p.getName()));
-                assertNotNull(user.getProperty(p.getName()));
-            }
-        }
-    }
-
-    @Test
-    public void testGroupGetProperties() throws RepositoryException, NotExecutableException {
-        Node n = getNode(group, superuser);
-
-        for (PropertyIterator it = n.getProperties(); it.hasNext();) {
-            Property prop = it.nextProperty();
-            if (prop.getDefinition().isProtected()) {
-                assertFalse(group.hasProperty(prop.getName()));
-                assertNull(group.getProperty(prop.getName()));
-            } else {
-                // authorizable defined property
-                assertTrue(group.hasProperty(prop.getName()));
-                assertNotNull(group.getProperty(prop.getName()));
-            }
-        }
-    }
-
-    @Test
-    public void testSingleToMultiValued() throws Exception {
-        Authorizable user = getTestUser(superuser);
-        UserManager uMgr = getUserManager(superuser);
-        try {
-            Value v = superuser.getValueFactory().createValue("anyValue");
-            user.setProperty("someProp", v);
-            if (!uMgr.isAutoSave()) {
-                superuser.save();
-            }
-            Value[] vs = new Value[] {v, v};
-            user.setProperty("someProp", vs);
-            if (!uMgr.isAutoSave()) {
-                superuser.save();
-            }
-        } finally {
-            if (user.removeProperty("someProp") && !uMgr.isAutoSave()) {
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
-    public void testMultiValuedToSingle() throws Exception {
-        Authorizable user = getTestUser(superuser);
-        UserManager uMgr = getUserManager(superuser);
-        try {
-            Value v = superuser.getValueFactory().createValue("anyValue");
-            Value[] vs = new Value[] {v, v};
-            user.setProperty("someProp", vs);
-            if (!uMgr.isAutoSave()) {
-                superuser.save();
-            }
-            user.setProperty("someProp", v);
-            if (!uMgr.isAutoSave()) {
-                superuser.save();
-            }
-        } finally {
-            if (user.removeProperty("someProp") && !uMgr.isAutoSave()) {
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
     public void testObjectMethods() throws Exception {
         final Authorizable user = getTestUser(superuser);
         Authorizable user2 = getTestUser(superuser);

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java?rev=1406225&r1=1406224&r2=1406225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java Tue Nov  6 17:12:34 2012
@@ -24,6 +24,7 @@ import javax.jcr.RepositoryException;
 
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.oak.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.junit.Test;
@@ -73,11 +74,7 @@ public class EveryoneGroupTest extends A
         java.security.acl.Group gr = (java.security.acl.Group) everyonePrincipal;
         assertFalse(gr.isMember(everyonePrincipal));
         assertTrue(gr.isMember(getTestUser(superuser).getPrincipal()));
-        assertTrue(gr.isMember(new Principal() {
-            public String getName() {
-                return "test";
-            }
-        }));
+        assertTrue(gr.isMember(new PrincipalImpl("test")));
     }
 
     @Test

Added: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java?rev=1406225&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java (added)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java Tue Nov  6 17:12:34 2012
@@ -0,0 +1,255 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.jcr.security.user;
+
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
+import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.test.NotExecutableException;
+import org.junit.Test;
+
+/**
+ * FindAuthorizablesTest...
+ */
+public class FindAuthorizablesTest extends AbstractUserTest {
+
+    @Test
+    public void testFindAuthorizable() throws RepositoryException, NotExecutableException {
+        Set<Principal> principals = new HashSet<Principal>();
+        PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
+        Principal p = pMgr.getPrincipal(superuser.getUserID());
+        if (p != null) {
+            principals.add(p);
+            PrincipalIterator principalIterator = pMgr.getGroupMembership(p);
+            while (principalIterator.hasNext()) {
+                principals.add(principalIterator.nextPrincipal());
+            }
+        }
+
+        Authorizable auth;
+        for (Principal principal : principals) {
+            auth = userMgr.getAuthorizable(principal);
+            if (auth != null) {
+                if (!auth.isGroup() && auth.hasProperty(UserConstants.REP_PRINCIPAL_NAME)) {
+                    String val = auth.getProperty(UserConstants.REP_PRINCIPAL_NAME)[0].getString();
+                    Iterator<Authorizable> users = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, val);
+
+                    // the result must contain 1 authorizable
+                    assertTrue(users.hasNext());
+                    Authorizable first = users.next();
+                    assertEquals(first.getID(), val);
+
+                    // since id is unique -> there should be no more users in
+                    // the iterator left
+                    assertFalse(users.hasNext());
+                }
+            }
+        }
+    }
+
+    @Test
+    public void testFindAuthorizableByAddedProperty() throws RepositoryException, NotExecutableException {
+        Principal p = getTestPrincipal();
+        Authorizable auth = null;
+
+        try {
+            auth = userMgr.createGroup(p);
+            auth.setProperty("E-Mail", new Value[] { superuser.getValueFactory().createValue("anyVal")});
+            superuser.save();
+
+            boolean found = false;
+            Iterator<Authorizable> result = userMgr.findAuthorizables("E-Mail", "anyVal");
+            while (result.hasNext()) {
+                Authorizable a = result.next();
+                if (a.getID().equals(auth.getID())) {
+                    found = true;
+                }
+            }
+
+            assertTrue(found);
+        } finally {
+            // remove the create group again.
+            if (auth != null) {
+                auth.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    @Test
+    public void testFindAuthorizableByRelativePath() throws NotExecutableException, RepositoryException {
+        Principal p = getTestPrincipal();
+        Authorizable auth = null;
+
+        try {
+            auth = userMgr.createGroup(p);
+            Value[] vs = new Value[] {
+                    superuser.getValueFactory().createValue("v1"),
+                    superuser.getValueFactory().createValue("v2")
+            };
+            superuser.save();
+
+            String relPath = "relPath/" + propertyName1;
+            String relPath2 = "another/" + propertyName1;
+            String relPath3 = "relPath/relPath/" + propertyName1;
+            auth.setProperty(relPath, vs);
+            auth.setProperty(relPath2, vs);
+            auth.setProperty(relPath3, superuser.getValueFactory().createValue("v3"));
+
+            // relPath = "prop1", v = "v1" -> should find the target group
+            Iterator<Authorizable> result = userMgr.findAuthorizables(propertyName1, "v1");
+            assertTrue("expected result", result.hasNext());
+            assertEquals(auth.getID(), result.next().getID());
+            assertFalse("expected no more results", result.hasNext());
+
+            // relPath = "prop1", v = "v1" -> should find the target group
+            result = userMgr.findAuthorizables(propertyName1, "v3");
+            assertTrue("expected result", result.hasNext());
+            assertEquals(auth.getID(), result.next().getID());
+            assertFalse("expected no more results", result.hasNext());
+
+            // relPath = "relPath/prop1", v = "v1" -> should find the target group
+            result = userMgr.findAuthorizables(relPath, "v1");
+            assertTrue("expected result", result.hasNext());
+            assertEquals(auth.getID(), result.next().getID());
+            assertFalse("expected no more results", result.hasNext());
+
+            // relPath : "./prop1", v = "v1" -> should not find the target group
+            result = userMgr.findAuthorizables("./" + propertyName1, "v1");
+            assertFalse("expected result", result.hasNext());
+
+        } finally {
+            // remove the create group again.
+            if (auth != null) {
+                auth.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    @Test
+    public void testFindUser() throws RepositoryException, NotExecutableException {
+        User u = null;
+        try {
+            Principal p = getTestPrincipal();
+            String uid = createUserId();
+
+            u = userMgr.createUser(uid, "pw", p, null);
+            superuser.save();
+
+            boolean found = false;
+            Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_USER);
+            while (it.hasNext() && !found) {
+                User nu = (User) it.next();
+                found = nu.getID().equals(uid);
+            }
+            assertTrue("Searching for 'null' must find the created user.", found);
+
+            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_USER);
+            found = false;
+            while (it.hasNext() && !found) {
+                User nu = (User) it.next();
+                found = nu.getPrincipal().getName().equals(p.getName());
+            }
+            assertTrue("Searching for principal-name must find the created user.", found);
+
+            // but search groups should not find anything
+            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_GROUP);
+            assertFalse(it.hasNext());
+
+            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_GROUP);
+            while (it.hasNext()) {
+                if (it.next().getPrincipal().getName().equals(p.getName())) {
+                    fail("Searching for Groups should never find a user");
+                }
+            }
+        } finally {
+            if (u != null) {
+                u.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    @Test
+    public void testFindGroup() throws RepositoryException, NotExecutableException {
+        Group gr = null;
+        try {
+            Principal p = getTestPrincipal();
+            gr = userMgr.createGroup(p);
+            superuser.save();
+
+            boolean found = false;
+            Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_GROUP);
+            while (it.hasNext() && !found) {
+                Group ng = (Group) it.next();
+                found = ng.getPrincipal().getName().equals(p.getName());
+            }
+            assertTrue("Searching for 'null' must find the created group.", found);
+
+            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_GROUP);
+            assertTrue(it.hasNext());
+            Group ng = (Group) it.next();
+            assertEquals("Searching for principal-name must find the created group.", p.getName(), ng.getPrincipal().getName());
+            assertFalse("Only a single group must be found for a given principal name.", it.hasNext());
+
+            // but search users should not find anything
+            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_USER);
+            assertFalse(it.hasNext());
+
+            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_USER);
+            while (it.hasNext()) {
+                if (it.next().getPrincipal().getName().equals(p.getName())) {
+                    fail("Searching for Users should never find a group");
+                }
+            }
+        } finally {
+            if (gr != null) {
+                gr.remove();
+                superuser.save();
+            }
+        }
+    }
+
+    @Test
+    public void testFindAllUsers() throws RepositoryException {
+        Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_USER);
+        while (it.hasNext()) {
+            assertFalse(it.next().isGroup());
+        }
+    }
+
+    @Test
+    public void testFindAllGroups() throws RepositoryException {
+        Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_GROUP);
+        while (it.hasNext()) {
+            assertTrue(it.next().isGroup());
+        }
+    }
+}
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserManagerTest.java?rev=1406225&r1=1406224&r2=1406225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserManagerTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserManagerTest.java Tue Nov  6 17:12:34 2012
@@ -19,22 +19,20 @@ package org.apache.jackrabbit.oak.jcr.se
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.HashMap;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import javax.jcr.Credentials;
-import javax.jcr.Node;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.SimpleCredentials;
 import javax.jcr.UnsupportedRepositoryOperationException;
-import javax.jcr.Value;
 
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.AuthorizableExistsException;
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.test.NotExecutableException;
@@ -178,12 +176,7 @@ public class UserManagerTest extends Abs
         Principal p = getTestPrincipal();
         String uid = p.getName();
 
-        Principal emptyNamePrincipal = new Principal() {
-            @Override
-            public String getName() {
-                 return "";
-            }
-        };
+        Principal emptyNamePrincipal = new PrincipalImpl("");
         
         Map<String, Principal> fail = new HashMap<String, Principal>();
         fail.put(uid, null);
@@ -500,186 +493,6 @@ public class UserManagerTest extends Abs
     }
 
     @Test
-    public void testFindAuthorizableByAddedProperty() throws RepositoryException, NotExecutableException {
-        Principal p = getTestPrincipal();
-        Authorizable auth = null;
-
-        try {
-            auth= userMgr.createGroup(p);
-            auth.setProperty("E-Mail", new Value[] { superuser.getValueFactory().createValue("anyVal")});
-            superuser.save();
-
-            boolean found = false;
-            Iterator<Authorizable> result = userMgr.findAuthorizables("E-Mail", "anyVal");
-            while (result.hasNext()) {
-                Authorizable a = result.next();
-                if (a.getID().equals(auth.getID())) {
-                    found = true;
-                }
-            }
-
-            assertTrue(found);
-        } finally {
-            // remove the create group again.
-            if (auth != null) {
-                auth.remove();
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
-    public void testFindAuthorizableByRelativePath() throws NotExecutableException, RepositoryException {
-        Principal p = getTestPrincipal();
-        Authorizable auth = null;
-
-        try {
-            auth= userMgr.createGroup(p);
-            Value[] vs = new Value[] {
-                    superuser.getValueFactory().createValue("v1"),
-                    superuser.getValueFactory().createValue("v2")
-            };
-
-            String relPath = "relPath/" + propertyName1;
-            String relPath2 = "another/" + propertyName1;
-            String relPath3 = "relPath/relPath/" + propertyName1;
-            auth.setProperty(relPath, vs);
-            auth.setProperty(relPath2, vs);
-            auth.setProperty(relPath3, superuser.getValueFactory().createValue("v3"));
-            superuser.save();
-
-            // relPath = "prop1", v = "v1" -> should find the target group
-            Iterator<Authorizable> result = userMgr.findAuthorizables(propertyName1, "v1");
-            assertTrue("expected result", result.hasNext());
-            assertEquals(auth.getID(), result.next().getID());
-            assertFalse("expected no more results", result.hasNext());
-
-            // relPath = "prop1", v = "v1" -> should find the target group
-            result = userMgr.findAuthorizables(propertyName1, "v3");
-            assertTrue("expected result", result.hasNext());
-            assertEquals(auth.getID(), result.next().getID());
-            assertFalse("expected no more results", result.hasNext());
-
-            // relPath = "relPath/prop1", v = "v1" -> should find the target group
-            result = userMgr.findAuthorizables(relPath, "v1");
-            assertTrue("expected result", result.hasNext());
-            assertEquals(auth.getID(), result.next().getID());
-            assertFalse("expected no more results", result.hasNext());
-
-            // relPath : "./prop1", v = "v1" -> should not find the target group
-            result = userMgr.findAuthorizables("./" + propertyName1, "v1");
-            assertFalse("expected result", result.hasNext());
-
-        } finally {
-            // remove the create group again.
-            if (auth != null) {
-                auth.remove();
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
-    public void testFindUser() throws RepositoryException, NotExecutableException {
-        User u = null;
-        try {
-            Principal p = getTestPrincipal();
-            String uid = createUserId();
-
-            u = userMgr.createUser(uid, "pw", p, null);
-            superuser.save();
-
-            boolean found = false;
-            Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_USER);
-            while (it.hasNext() && !found) {
-                User nu = (User) it.next();
-                found = nu.getID().equals(uid);
-            }
-            assertTrue("Searching for 'null' must find the created user.", found);
-
-            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_USER);
-            found = false;
-            while (it.hasNext() && !found) {
-                User nu = (User) it.next();
-                found = nu.getPrincipal().getName().equals(p.getName());
-            }
-            assertTrue("Searching for principal-name must find the created user.", found);
-
-            // but search groups should not find anything
-            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_GROUP);
-            assertFalse(it.hasNext());
-
-            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_GROUP);
-            while (it.hasNext()) {
-                if (it.next().getPrincipal().getName().equals(p.getName())) {
-                    fail("Searching for Groups should never find a user");
-                }
-            }
-        } finally {
-            if (u != null) {
-                u.remove();
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
-    public void testFindGroup() throws RepositoryException, NotExecutableException {
-        Group gr = null;
-        try {
-            Principal p = getTestPrincipal();
-            gr = userMgr.createGroup(p);
-            superuser.save();
-
-            boolean found = false;
-            Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_GROUP);
-            while (it.hasNext() && !found) {
-                Group ng = (Group) it.next();
-                found = ng.getPrincipal().getName().equals(p.getName());
-            }
-            assertTrue("Searching for \"\" must find the created group.", found);
-
-            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_GROUP);
-            assertTrue(it.hasNext());
-            Group ng = (Group) it.next();
-            assertEquals("Searching for principal-name must find the created group.", p.getName(), ng.getPrincipal().getName());
-            assertFalse("Only a single group must be found for a given principal name.", it.hasNext());
-
-            // but search users should not find anything
-            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, p.getName(), UserManager.SEARCH_TYPE_USER);
-            assertFalse(it.hasNext());
-
-            it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_USER);
-            while (it.hasNext()) {
-                if (it.next().getPrincipal().getName().equals(p.getName())) {
-                    fail("Searching for Users should never find a group");
-                }
-            }
-        } finally {
-            if (gr != null) {
-                gr.remove();
-                superuser.save();
-            }
-        }
-    }
-
-    @Test
-    public void testFindAllUsers() throws RepositoryException {
-        Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_USER);
-        while (it.hasNext()) {
-            assertFalse(it.next().isGroup());
-        }
-    }
-
-    @Test
-    public void testFindAllGroups() throws RepositoryException {
-        Iterator<Authorizable> it = userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null, UserManager.SEARCH_TYPE_GROUP);
-        while (it.hasNext()) {
-            assertTrue(it.next().isGroup());
-        }
-    }
-
-    @Test
     public void testNewUserCanLogin() throws RepositoryException, NotExecutableException {
         String uid = createUserId();
         User u = null;



Mime
View raw message