jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1527612 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
Date Mon, 30 Sep 2013 15:31:57 GMT
Author: angela
Date: Mon Sep 30 15:31:56 2013
New Revision: 1527612

URL: http://svn.apache.org/r1527612
Log:
OAK-1054 : Folder containing an admin user should not be removed

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java?rev=1527612&r1=1527611&r2=1527612&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
Mon Sep 30 15:31:56 2013
@@ -56,7 +56,7 @@ class UserValidator extends DefaultValid
         this.parentAfter = parentAfter;
         this.provider = provider;
 
-        authorizableType = UserUtil.getType(parentAfter);
+        authorizableType = (parentAfter == null) ? null : UserUtil.getType(parentAfter);
     }
 
     //----------------------------------------------------------< Validator >---
@@ -149,12 +149,17 @@ class UserValidator extends DefaultValid
 
     @Override
     public Validator childNodeDeleted(String name, NodeState before) throws CommitFailedException
{
-        Tree node = parentBefore.getChild(name);
-        if (isAdminUser(node)) {
-            String msg = "The admin user cannot be removed.";
-            throw constraintViolation(27, msg);
+        Tree tree = parentBefore.getChild(name);
+        AuthorizableType type = UserUtil.getType(tree);
+        if (type == AuthorizableType.USER || type == AuthorizableType.GROUP) {
+            if (isAdminUser(tree)) {
+                String msg = "The admin user cannot be removed.";
+                throw constraintViolation(27, msg);
+            }
+            return null;
+        } else {
+            return new VisibleValidator(new UserValidator(tree, null, provider), true, true);
         }
-        return null;
     }
 
     //------------------------------------------------------------< private >---

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java?rev=1527612&r1=1527611&r2=1527612&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
Mon Sep 30 15:31:56 2013
@@ -209,6 +209,27 @@ public class UserValidatorTest extends A
     }
 
     @Test
+    public void testRemoveAdminUserFolder() throws Exception {
+        try {
+            String adminId = getConfig().getConfigValue(PARAM_ADMIN_ID, DEFAULT_ADMIN_ID);
+            UserManager userMgr = getUserManager(root);
+            Authorizable admin = userMgr.getAuthorizable(adminId);
+            if (admin == null) {
+                admin = userMgr.createUser(adminId, adminId);
+                root.commit();
+            }
+
+            root.getTree(admin.getPath()).getParent().remove();
+            root.commit();
+            fail("Admin user cannot be removed");
+        } catch (CommitFailedException e) {
+            // success
+        } finally {
+            root.refresh();
+        }
+    }
+
+    @Test
     public void testDisableAdminUser() throws Exception {
         try {
             String adminId = getConfig().getConfigValue(PARAM_ADMIN_ID, DEFAULT_ADMIN_ID);



Mime
View raw message