sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tomm...@apache.org
Subject svn commit: r1743213 - in /sling/trunk/contrib/extensions/distribution/core/src: main/java/org/apache/sling/distribution/agent/impl/ test/java/org/apache/sling/distribution/agent/impl/
Date Tue, 10 May 2016 15:24:40 GMT
Author: tommaso
Date: Tue May 10 15:24:40 2016
New Revision: 1743213

URL: http://svn.apache.org/viewvc?rev=1743213&view=rev
Log:
SLING-5717 - added unit test for PrivilegeDistributionRequestAuthorizationStrategy

Added:
    sling/trunk/contrib/extensions/distribution/core/src/test/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategyTest.java
  (with props)
Modified:
    sling/trunk/contrib/extensions/distribution/core/src/main/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategy.java

Modified: sling/trunk/contrib/extensions/distribution/core/src/main/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategy.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/distribution/core/src/main/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategy.java?rev=1743213&r1=1743212&r2=1743213&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/distribution/core/src/main/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategy.java
(original)
+++ sling/trunk/contrib/extensions/distribution/core/src/main/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategy.java
Tue May 10 15:24:40 2016
@@ -48,6 +48,10 @@ public class PrivilegeDistributionReques
     public void checkPermission(@Nonnull ResourceResolver resourceResolver, @Nonnull DistributionRequest
distributionRequest) throws DistributionException {
         Session session = resourceResolver.adaptTo(Session.class);
 
+        if (session == null) {
+            throw new DistributionException("cannot obtain a Session");
+        }
+
         try {
             if (DistributionRequestType.ADD.equals(distributionRequest.getRequestType()))
{
                 checkPermissionForAdd(session, distributionRequest.getPaths());

Added: sling/trunk/contrib/extensions/distribution/core/src/test/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategyTest.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/distribution/core/src/test/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategyTest.java?rev=1743213&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/distribution/core/src/test/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategyTest.java
(added)
+++ sling/trunk/contrib/extensions/distribution/core/src/test/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategyTest.java
Tue May 10 15:24:40 2016
@@ -0,0 +1,173 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.distribution.agent.impl;
+
+import javax.jcr.Session;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.Privilege;
+
+import org.apache.sling.api.resource.ResourceResolver;
+import org.apache.sling.distribution.DistributionRequest;
+import org.apache.sling.distribution.DistributionRequestType;
+import org.apache.sling.distribution.common.DistributionException;
+import org.junit.Test;
+
+import static org.junit.Assert.fail;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+/**
+ * Tests for {@link PrivilegeDistributionRequestAuthorizationStrategy}
+ */
+public class PrivilegeDistributionRequestAuthorizationStrategyTest {
+
+    @Test
+    public void testCheckPermissionWithoutSession() throws Exception {
+        String jcrPrivilege = "foo";
+        PrivilegeDistributionRequestAuthorizationStrategy strategy = new PrivilegeDistributionRequestAuthorizationStrategy(jcrPrivilege);
+        DistributionRequest distributionRequest = mock(DistributionRequest.class);
+        ResourceResolver resourceResolver = mock(ResourceResolver.class);
+        try {
+            strategy.checkPermission(resourceResolver, distributionRequest);
+            fail("permission check should fail without a Session");
+        } catch (DistributionException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testCheckPermissionWithSession() throws Exception {
+        String jcrPrivilege = "foo";
+        PrivilegeDistributionRequestAuthorizationStrategy strategy = new PrivilegeDistributionRequestAuthorizationStrategy(jcrPrivilege);
+        DistributionRequest distributionRequest = mock(DistributionRequest.class);
+        ResourceResolver resourceResolver = mock(ResourceResolver.class);
+        Session session = mock(Session.class);
+        when(resourceResolver.adaptTo(Session.class)).thenReturn(session);
+        strategy.checkPermission(resourceResolver, distributionRequest);
+    }
+
+    @Test
+    public void testNoPermissionOnAdd() throws Exception {
+        String jcrPrivilege = "somePermission";
+        PrivilegeDistributionRequestAuthorizationStrategy strategy = new PrivilegeDistributionRequestAuthorizationStrategy(jcrPrivilege);
+        DistributionRequest distributionRequest = mock(DistributionRequest.class);
+        ResourceResolver resourceResolver = mock(ResourceResolver.class);
+        Session session = mock(Session.class);
+        AccessControlManager acm = mock(AccessControlManager.class);
+        Privilege privilege = mock(Privilege.class);
+        when(acm.privilegeFromName(jcrPrivilege)).thenReturn(privilege);
+
+        when(session.getAccessControlManager()).thenReturn(acm);
+        when(resourceResolver.adaptTo(Session.class)).thenReturn(session);
+        String[] paths = new String[]{"/foo"};
+        for (String path : paths) {
+            when(acm.hasPrivileges(path, new Privilege[]{privilege})).thenReturn(false);
+        }
+        when(distributionRequest.getPaths()).thenReturn(paths);
+
+        when(distributionRequest.getRequestType()).thenReturn(DistributionRequestType.ADD);
+        try {
+            strategy.checkPermission(resourceResolver, distributionRequest);
+            fail("should throw an exception when ACM privilege check fails");
+        } catch (DistributionException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testPermissionOnAdd() throws Exception {
+        String jcrPrivilege = "somePermission";
+        PrivilegeDistributionRequestAuthorizationStrategy strategy = new PrivilegeDistributionRequestAuthorizationStrategy(jcrPrivilege);
+        DistributionRequest distributionRequest = mock(DistributionRequest.class);
+        ResourceResolver resourceResolver = mock(ResourceResolver.class);
+        Session session = mock(Session.class);
+        AccessControlManager acm = mock(AccessControlManager.class);
+        Privilege privilege = mock(Privilege.class);
+        when(acm.privilegeFromName(jcrPrivilege)).thenReturn(privilege);
+        Privilege jcrReadPrivilege = mock(Privilege.class);
+        when(acm.privilegeFromName(Privilege.JCR_READ)).thenReturn(jcrReadPrivilege);
+
+        when(session.getAccessControlManager()).thenReturn(acm);
+        when(resourceResolver.adaptTo(Session.class)).thenReturn(session);
+        String[] paths = new String[]{"/foo"};
+        for (String path : paths) {
+            when(acm.hasPrivileges(path, new Privilege[]{privilege, jcrReadPrivilege})).thenReturn(true);
+        }
+        when(distributionRequest.getPaths()).thenReturn(paths);
+
+        when(distributionRequest.getRequestType()).thenReturn(DistributionRequestType.ADD);
+        strategy.checkPermission(resourceResolver, distributionRequest);
+    }
+
+    @Test
+    public void testNoPermissionOnDelete() throws Exception {
+        String jcrPrivilege = "somePermission";
+        PrivilegeDistributionRequestAuthorizationStrategy strategy = new PrivilegeDistributionRequestAuthorizationStrategy(jcrPrivilege);
+        DistributionRequest distributionRequest = mock(DistributionRequest.class);
+        ResourceResolver resourceResolver = mock(ResourceResolver.class);
+        Session session = mock(Session.class);
+        AccessControlManager acm = mock(AccessControlManager.class);
+        Privilege privilege = mock(Privilege.class);
+        when(acm.privilegeFromName(jcrPrivilege)).thenReturn(privilege);
+
+        when(session.getAccessControlManager()).thenReturn(acm);
+        when(resourceResolver.adaptTo(Session.class)).thenReturn(session);
+        String[] paths = new String[]{"/foo"};
+        for (String path : paths) {
+            when(acm.hasPrivileges(path, new Privilege[]{privilege})).thenReturn(false);
+            when(session.nodeExists(path)).thenReturn(true);
+        }
+        when(distributionRequest.getPaths()).thenReturn(paths);
+
+        when(distributionRequest.getRequestType()).thenReturn(DistributionRequestType.DELETE);
+        try {
+            strategy.checkPermission(resourceResolver, distributionRequest);
+            fail("should throw an exception when ACM privilege check fails");
+        } catch (DistributionException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testPermissionOnDelete() throws Exception {
+        String jcrPrivilege = "somePermission";
+        PrivilegeDistributionRequestAuthorizationStrategy strategy = new PrivilegeDistributionRequestAuthorizationStrategy(jcrPrivilege);
+        DistributionRequest distributionRequest = mock(DistributionRequest.class);
+        ResourceResolver resourceResolver = mock(ResourceResolver.class);
+        Session session = mock(Session.class);
+        AccessControlManager acm = mock(AccessControlManager.class);
+        Privilege privilege = mock(Privilege.class);
+        when(acm.privilegeFromName(jcrPrivilege)).thenReturn(privilege);
+        Privilege jcrReadPrivilege = mock(Privilege.class);
+        when(acm.privilegeFromName(Privilege.JCR_REMOVE_NODE)).thenReturn(jcrReadPrivilege);
+
+        when(session.getAccessControlManager()).thenReturn(acm);
+        when(resourceResolver.adaptTo(Session.class)).thenReturn(session);
+        String[] paths = new String[]{"/foo"};
+        for (String path : paths) {
+            when(acm.hasPrivileges(path, new Privilege[]{privilege, jcrReadPrivilege})).thenReturn(true);
+            when(session.nodeExists(path)).thenReturn(true);
+        }
+        when(distributionRequest.getPaths()).thenReturn(paths);
+
+        when(distributionRequest.getRequestType()).thenReturn(DistributionRequestType.DELETE);
+        strategy.checkPermission(resourceResolver, distributionRequest);
+    }
+
+}
\ No newline at end of file

Propchange: sling/trunk/contrib/extensions/distribution/core/src/test/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategyTest.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message