jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1480165 - /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java
Date Wed, 08 May 2013 06:00:54 GMT
Author: angela
Date: Wed May  8 06:00:54 2013
New Revision: 1480165

URL: http://svn.apache.org/r1480165
Log:
OAK-527: permissions (WIP)

Modified:
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java?rev=1480165&r1=1480164&r2=1480165&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java
Wed May  8 06:00:54 2013
@@ -16,17 +16,12 @@
  */
 package org.apache.jackrabbit.oak.security.authorization.permission;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.fail;
-
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
-
 import javax.jcr.RepositoryException;
 import javax.jcr.security.AccessControlEntry;
 import javax.jcr.security.AccessControlManager;
@@ -36,6 +31,8 @@ import org.apache.jackrabbit.JcrConstant
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.api.Tree;
 import org.apache.jackrabbit.oak.api.Type;
 import org.apache.jackrabbit.oak.security.authorization.AccessControlConstants;
@@ -47,14 +44,23 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.util.NodeUtil;
 import org.junit.After;
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Test;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
 /**
  * Testing the {@code PermissionHook}
  */
 public class PermissionHookTest extends AbstractAccessControlTest implements AccessControlConstants,
PermissionConstants {
 
     private String testPath = "/testPath";
+    private String childPath = "/testPath/childNode";
+
     private String testPrincipalName;
     private PrivilegeBitsProvider bitsProvider;
     private List<Principal> principals = new ArrayList<Principal>();
@@ -66,7 +72,8 @@ public class PermissionHookTest extends 
 
         Principal testPrincipal = getTestPrincipal();
         NodeUtil rootNode = new NodeUtil(root.getTree("/"), namePathMapper);
-        rootNode.addChild("testPath", JcrConstants.NT_UNSTRUCTURED);
+        NodeUtil testNode = rootNode.addChild("testPath", JcrConstants.NT_UNSTRUCTURED);
+        testNode.addChild("childNode", JcrConstants.NT_UNSTRUCTURED);
 
         AccessControlManager acMgr = getAccessControlManager(root);
         JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr,
testPath);
@@ -319,4 +326,39 @@ public class PermissionHookTest extends 
             }
         }
     }
+
+    @Ignore() // FIXME
+    @Test
+    public void testImplicitAceRemoval() throws Exception {
+        AccessControlManager acMgr = getAccessControlManager(root);
+        JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr,
testPath);
+        acl.addAccessControlEntry(getTestPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ,
PrivilegeConstants.REP_WRITE));
+        acMgr.setPolicy(testPath, acl);
+
+        acl = AccessControlUtils.getAccessControlList(acMgr, childPath);
+        acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.JCR_READ));
+        acMgr.setPolicy(childPath, acl);
+        root.commit();
+
+        assertTrue(root.getTree(childPath+"/rep:policy").exists());
+
+        Tree principalRoot = getPrincipalRoot(EveryonePrincipal.NAME);
+        assertEquals(2, principalRoot.getChildrenCount());
+
+        ContentSession testSession = createTestSession();
+        Root testRoot = testSession.getLatestRoot();
+
+        assertTrue(testRoot.getTree(childPath).exists());
+        assertFalse(testRoot.getTree(childPath+"/rep:policy").exists());
+
+        testRoot.getTree(childPath).remove();
+        testRoot.commit();
+
+        root.refresh();
+        assertFalse(root.getTree(childPath+"/rep:policy").exists());
+        // aces must be removed in the permission store even if the editing
+        // session wasn't able to access them.
+        principalRoot = getPrincipalRoot(EveryonePrincipal.NAME);
+        assertEquals(1, principalRoot.getChildrenCount());
+    }
 }
\ No newline at end of file



Mime
View raw message