jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1469269 - in /jackrabbit/oak/trunk: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
Date Thu, 18 Apr 2013 10:21:04 GMT
Author: angela
Date: Thu Apr 18 10:21:04 2013
New Revision: 1469269

URL: http://svn.apache.org/r1469269
Log:
OAK-51 : Access Control Management (tests)

Modified:
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
    jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java?rev=1469269&r1=1469268&r2=1469269&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
Thu Apr 18 10:21:04 2013
@@ -18,9 +18,12 @@ package org.apache.jackrabbit.oak.securi
 
 import java.security.Principal;
 import java.security.acl.Group;
+import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import javax.jcr.PropertyType;
@@ -30,6 +33,7 @@ import javax.jcr.security.AccessControlE
 import javax.jcr.security.AccessControlException;
 import javax.jcr.security.Privilege;
 
+import com.google.common.collect.ImmutableList;
 import com.google.common.collect.Sets;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
@@ -38,8 +42,8 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
 import org.apache.jackrabbit.oak.plugins.value.ValueFactoryImpl;
 import org.apache.jackrabbit.oak.security.principal.PrincipalImpl;
-import org.apache.jackrabbit.oak.security.privilege.PrivilegeConstants;
 import org.apache.jackrabbit.oak.security.privilege.PrivilegeBitsProvider;
+import org.apache.jackrabbit.oak.security.privilege.PrivilegeConstants;
 import org.apache.jackrabbit.oak.spi.security.authorization.ACE;
 import org.apache.jackrabbit.oak.spi.security.authorization.AbstractAccessControlList;
 import org.apache.jackrabbit.oak.spi.security.authorization.AbstractAccessControlListTest;
@@ -57,7 +61,7 @@ import static org.junit.Assert.assertTru
 import static org.junit.Assert.fail;
 
 /**
- * ACLTest... TODO
+ * Test abstract {@code ACL} implementation.
  * <p/>
  * TODO: test restrictions
  * TODO: add test with multiple entries
@@ -463,6 +467,39 @@ public class ACLTest extends AbstractAcc
         assertACE(second, false, privilegesFromNames(JCR_READ, JCR_WRITE));
     }
 
+    @Ignore("OAK-51") // TODO
+    @Test
+    public void testAllowWriteDenyRemoveGroupEntries() throws Exception {
+        Principal everyone = principalManager.getEveryone();
+        Privilege[] grPriv = privilegesFromNames("rep:write");
+        Privilege[] dePriv = privilegesFromNames(JCR_REMOVE_CHILD_NODES);
+
+        acl.addEntry(everyone, grPriv, true, Collections.<String, Value>emptyMap());
+        acl.addEntry(everyone, dePriv, false, Collections.<String, Value>emptyMap());
+
+        Set<Privilege> allows = new HashSet<Privilege>();
+        Set<Privilege> denies = new HashSet<Privilege>();
+        AccessControlEntry[] entries = acl.getAccessControlEntries();
+        for (AccessControlEntry en : entries) {
+            if (everyone.equals(en.getPrincipal()) && en instanceof JackrabbitAccessControlEntry)
{
+                JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) en;
+                Privilege[] privs = ace.getPrivileges();
+                if (ace.isAllow()) {
+                    allows.addAll(Arrays.asList(privs));
+                } else {
+                    denies.addAll(Arrays.asList(privs));
+                }
+            }
+        }
+
+        Privilege[] expected = privilegesFromNames(JCR_ADD_CHILD_NODES, JCR_REMOVE_NODE,
JCR_MODIFY_PROPERTIES, JCR_NODE_TYPE_MANAGEMENT);
+        assertEquals(expected.length, allows.size());
+        assertTrue(allows.containsAll(ImmutableList.of(expected)));
+
+        assertEquals(1, denies.size());
+        assertEquals(privilegesFromNames(JCR_REMOVE_CHILD_NODES)[0], denies.iterator().next());
+    }
+
     @Test
     public void testUpdateAndComplementary() throws Exception {
         Privilege[] readPriv = privilegesFromNames(JCR_READ);

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java?rev=1469269&r1=1469268&r2=1469269&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
(original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
Thu Apr 18 10:21:04 2013
@@ -35,9 +35,10 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.principal.PrincipalManager;
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
+import org.junit.Test;
 
 /**
- * JackrabbitAccessControlListTest... TODO
+ * Testing {@code JackrabbitAccessControlList} functionality exposed by the API.
  */
 public class JackrabbitAccessControlListTest extends AbstractAccessControlTest {
 
@@ -89,10 +90,12 @@ public class JackrabbitAccessControlList
         }
     }
 
+    @Test
     public void testGetRestrictionNames() throws RepositoryException {
         assertNotNull(acl.getRestrictionNames());
     }
 
+    @Test
     public void testGetRestrictionType() throws RepositoryException {
         String[] names = acl.getRestrictionNames();
         for (String name : names) {
@@ -101,11 +104,13 @@ public class JackrabbitAccessControlList
         }
     }
 
+    @Test
     public void testApplicablePolicyIsEmpty() {
         assertTrue(acl.isEmpty());
         assertEquals(0, acl.size());
     }
 
+    @Test
     public void testIsEmpty() throws RepositoryException {
         if (acl.addAccessControlEntry(testPrincipal, testPrivileges)) {
             assertFalse(acl.isEmpty());
@@ -114,6 +119,7 @@ public class JackrabbitAccessControlList
         }
     }
 
+    @Test
     public void testSize() throws RepositoryException {
         if (acl.addAccessControlEntry(testPrincipal, testPrivileges)) {
             assertTrue(acl.size() > 0);
@@ -122,6 +128,7 @@ public class JackrabbitAccessControlList
         }
     }
 
+    @Test
     public void testAddEntry() throws NotExecutableException, RepositoryException {
         List<AccessControlEntry> entriesBefore = Arrays.asList(acl.getAccessControlEntries());
         if (acl.addEntry(testPrincipal, testPrivileges, true, Collections.<String, Value>emptyMap()))
{
@@ -140,40 +147,7 @@ public class JackrabbitAccessControlList
         }
     }
 
-    // TODO: rewrite
-//    public void testAllowWriteDenyRemove() throws NotExecutableException, RepositoryException
{
-//        Principal princ = getValidPrincipal();
-//        Privilege[] grPriv = privilegesFromName("rep:write");
-//        Privilege[] dePriv = privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES);
-//
-//        acl.addEntry(princ, grPriv, true, Collections.<String, Value>emptyMap());
-//        acl.addEntry(princ, dePriv, false, Collections.<String, Value>emptyMap());
-//
-//        Set<Privilege> allows = new HashSet<Privilege>();
-//        Set<Privilege> denies = new HashSet<Privilege>();
-//        AccessControlEntry[] entries = acl.getAccessControlEntries();
-//        for (AccessControlEntry en : entries) {
-//            if (princ.equals(en.getPrincipal()) && en instanceof JackrabbitAccessControlEntry)
{
-//                JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) en;
-//                Privilege[] privs = ace.getPrivileges();
-//                if (ace.isAllow()) {
-//                    allows.addAll(Arrays.asList(privs));
-//                } else {
-//                    denies.addAll(Arrays.asList(privs));
-//                }
-//            }
-//        }
-//
-//        String[] expected = new String[] {Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_NODE,
Privilege.JCR_MODIFY_PROPERTIES, Privilege.JCR_NODE_TYPE_MANAGEMENT};
-//        assertEquals(expected.length, allows.size());
-//        for (String name : expected) {
-//            assertTrue(allows.contains(acMgr.privilegeFromName(name)));
-//        }
-//
-//        assertEquals(1, denies.size());
-//        assertEquals(acMgr.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES), denies.iterator().next());
-//    }
-
+    @Test
     public void testRemoveEntry() throws NotExecutableException, RepositoryException {
         Principal princ = getValidPrincipal();
         Privilege[] grPriv = privilegesFromName("rep:write");



Mime
View raw message