jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mdue...@apache.org
Subject svn commit: r1507225 - /jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
Date Fri, 26 Jul 2013 09:00:30 GMT
Author: mduerig
Date: Fri Jul 26 09:00:30 2013
New Revision: 1507225

URL: http://svn.apache.org/r1507225
Log:
OAK-929: Permission changes not visible on root after refresh
Cleanup root node after test run

Modified:
    jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java?rev=1507225&r1=1507224&r2=1507225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
(original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
Fri Jul 26 09:00:30 2013
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.jcr.se
 import static org.junit.Assert.assertArrayEquals;
 
 import java.security.Principal;
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -27,9 +28,11 @@ import javax.jcr.PathNotFoundException;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlList;
 import javax.jcr.security.Privilege;
 import javax.jcr.util.TraversingItemVisitor;
 
+import com.google.common.collect.Sets;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.oak.security.authorization.AccessControlUtils;
@@ -140,6 +143,7 @@ public class ReadTest extends AbstractEv
 
     @Test
     public void testDenyRoot() throws Exception {
+        Set<AccessControlEntry> acesBefore = getACEs("/");
         try {
             deny("/", readPrivileges);
             testSession.getRootNode();
@@ -147,7 +151,29 @@ public class ReadTest extends AbstractEv
         } catch (Exception e) {
             // expected exception
         } finally {
-            allow("/", readPrivileges);
+            restoreAces("/", acesBefore);
+        }
+    }
+
+    private Set<AccessControlEntry> getACEs(String path) throws RepositoryException
{
+        AccessControlList acl = AccessControlUtils.getAccessControlList(superuser, path);
+        Set<AccessControlEntry> acesBefore = Sets.newHashSet();
+        if (acl != null) {
+            Collections.addAll(acesBefore, acl.getAccessControlEntries());
+        }
+        return acesBefore;
+    }
+
+    private void restoreAces(String path, Set<AccessControlEntry> acesToKeep) throws
RepositoryException {
+        AccessControlList acl = AccessControlUtils.getAccessControlList(superuser, path);
+        if (acl != null) {
+            for (AccessControlEntry ace : acl.getAccessControlEntries()) {
+                if (!acesToKeep.contains(ace)) {
+                    acl.removeAccessControlEntry(ace);
+                }
+            }
+            acMgr.setPolicy("/", acl);
+            superuser.save();
         }
     }
 
@@ -159,8 +185,6 @@ public class ReadTest extends AbstractEv
             fail("nodet should not be accessible");
         } catch (Exception e) {
             // expected exception
-        } finally {
-            allow(path, readPrivileges);
         }
     }
 



Mime
View raw message