jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1562092 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ oak-jcr/src/test/java/org/apa...
Date Tue, 28 Jan 2014 15:11:54 GMT
Author: angela
Date: Tue Jan 28 15:11:54 2014
New Revision: 1562092

URL: http://svn.apache.org/r1562092
Log:
OAK-1348 : ACE merging not behaving correctly if not using managed principals

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
    jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java?rev=1562092&r1=1562091&r2=1562092&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
Tue Jan 28 15:11:54 2014
@@ -190,7 +190,7 @@ abstract class ACL extends AbstractAcces
         List<ACE> subList = Lists.newArrayList(Iterables.filter(entries, new Predicate<ACE>()
{
             @Override
             public boolean apply(@Nullable ACE ace) {
-                return (ace != null) && ace.getPrincipal().equals(principal);
+                return (ace != null) && ace.getPrincipal().getName().equals(principal.getName());
             }
         }));
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java?rev=1562092&r1=1562091&r2=1562092&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
Tue Jan 28 15:11:54 2014
@@ -135,7 +135,7 @@ public class ACLTest extends AbstractAcc
     }
 
     @Test
-    public void testAddInvalidEntry() throws Exception {
+    public void testUnknownPrincipal() throws Exception {
         Principal unknownPrincipal = new InvalidTestPrincipal("unknown");
         try {
             acl.addAccessControlEntry(unknownPrincipal, privilegesFromNames(JCR_READ));
@@ -146,9 +146,50 @@ public class ACLTest extends AbstractAcc
     }
 
     @Test
-    public void testAddEntryWithOakPrincipal() throws Exception {
-        Principal oakPrincipal = new PrincipalImpl("name");
-        acl.addAccessControlEntry(oakPrincipal, privilegesFromNames(JCR_READ));
+    public void testInternalPrincipal() throws RepositoryException {
+        Principal internal = new PrincipalImpl("unknown");
+        acl.addAccessControlEntry(internal, privilegesFromNames(JCR_READ));
+    }
+
+    @Test
+    public void testNullPrincipal() throws Exception {
+
+        try {
+            acl.addAccessControlEntry(null, privilegesFromNames(JCR_READ));
+            fail("Adding an ACE with null principal should fail");
+        } catch (AccessControlException e) {
+            // success
+        }
+    }
+
+    @Test
+    public void testEmptyPrincipal() throws Exception {
+
+        try {
+            acl.addAccessControlEntry(new PrincipalImpl(""), privilegesFromNames(JCR_READ));
+            fail("Adding an ACE with empty-named principal should fail");
+        } catch (AccessControlException e) {
+            // success
+        }
+    }
+
+    @Test
+    public void testAddEntriesWithCustomPrincipal()  throws Exception {
+        Principal oakPrincipal = new PrincipalImpl("anonymous");
+        Principal principal = new Principal() {
+            @Override
+            public String getName() {
+                return "anonymous";
+            }
+        };
+
+        assertTrue(acl.addAccessControlEntry(oakPrincipal, privilegesFromNames(JCR_READ)));
+        assertTrue(acl.addAccessControlEntry(principal, privilegesFromNames(JCR_READ_ACCESS_CONTROL)));
+        assertEquals(1, acl.getAccessControlEntries().length);
+
+        assertTrue(acl.addEntry(principal, privilegesFromNames(JCR_READ), false));
+        assertEquals(2, acl.getAccessControlEntries().length);
+        assertArrayEquals(privilegesFromNames(JCR_READ_ACCESS_CONTROL), acl.getAccessControlEntries()[0].getPrivileges());
     }
 
     @Test

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java?rev=1562092&r1=1562091&r2=1562092&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
(original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
Tue Jan 28 15:11:54 2014
@@ -172,7 +172,7 @@ public class JackrabbitAccessControlList
     }
 
     /**
-     * <a href="https://issues.apache.org/jira/browse/OAK-1026">OAK-1026</a>
+     * @see <a href="https://issues.apache.org/jira/browse/OAK-1026">OAK-1026</a>
      */
     @Test
     public void testEntryWithAggregatePrivileges() throws Exception {
@@ -192,4 +192,21 @@ public class JackrabbitAccessControlList
         assertEquals(1, entries.length);
         assertArrayEquals(new Privilege[]{write}, entries[0].getPrivileges());
     }
+
+    /**
+     * @see <a href="https://issues.apache.org/jira/browse/OAK-1348">OAK-1348</a>
+     */
+    @Test
+    public void testAddEntryWithCustomPrincipalImpl() throws Exception {
+        Principal custom = new Principal() {
+            public String getName() {
+                return testPrincipal.getName();
+            }
+        };
+        acl.addEntry(testPrincipal, testPrivileges, true);
+        acl.addEntry(custom, testPrivileges, false);
+        acMgr.setPolicy(acl.getPath(), acl);
+        superuser.save();
+
+    }
 }
\ No newline at end of file



Mime
View raw message