You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2008/08/27 17:12:07 UTC
svn commit: r689499 [8/11] - in /jackrabbit/trunk:
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/jsr283/
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/jsr283/retention/
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/jsr283/sec...
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlDiscoveryTest.java Wed Aug 27 08:12:04 2008
@@ -20,28 +20,20 @@
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
+import javax.jcr.Session;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
+import java.util.Iterator;
/**
* <code>AccessControlDiscoveryTest</code>...
*/
public class AccessControlDiscoveryTest extends AbstractAccessControlTest {
- private Privilege getPrivilege(String name) throws RepositoryException, NotExecutableException {
- Privilege[] privileges = acMgr.getSupportedPrivileges(testRootNode.getPath());
- for (int i = 0; i < privileges.length; i++) {
- if (name.equals(privileges[i].getName())) {
- return privileges[i];
- }
- }
- throw new NotExecutableException();
- }
-
public void testGetSupportedPrivileges() throws RepositoryException {
// retrieving supported privileges:
// Quote from spec:
@@ -57,21 +49,60 @@
// test if those privileges are present:
String msg = "A repository must support the privilege ";
- assertTrue(msg + Privilege.READ, names.contains(Privilege.READ));
- assertTrue(msg + Privilege.ADD_CHILD_NODES, names.contains(Privilege.ADD_CHILD_NODES));
- assertTrue(msg + Privilege.REMOVE_CHILD_NODES, names.contains(Privilege.REMOVE_CHILD_NODES));
- assertTrue(msg + Privilege.MODIFY_PROPERTIES, names.contains(Privilege.MODIFY_PROPERTIES));
- assertTrue(msg + Privilege.READ_ACCESS_CONTROL, names.contains(Privilege.READ_ACCESS_CONTROL));
- assertTrue(msg + Privilege.MODIFY_ACCESS_CONTROL, names.contains(Privilege.MODIFY_ACCESS_CONTROL));
- assertTrue(msg + Privilege.WRITE, names.contains(Privilege.WRITE));
- assertTrue(msg + Privilege.ALL, names.contains(Privilege.ALL));
+ assertTrue(msg + Privilege.JCR_READ, names.contains(getJCRName(Privilege.JCR_READ, superuser)));
+ assertTrue(msg + Privilege.JCR_ADD_CHILD_NODES, names.contains(getJCRName(Privilege.JCR_ADD_CHILD_NODES, superuser)));
+ assertTrue(msg + Privilege.JCR_REMOVE_CHILD_NODES, names.contains(getJCRName(Privilege.JCR_REMOVE_CHILD_NODES, superuser)));
+ assertTrue(msg + Privilege.JCR_MODIFY_PROPERTIES, names.contains(getJCRName(Privilege.JCR_MODIFY_PROPERTIES, superuser)));
+ assertTrue(msg + Privilege.JCR_REMOVE_NODE, names.contains(getJCRName(Privilege.JCR_REMOVE_NODE, superuser)));
+ assertTrue(msg + Privilege.JCR_READ_ACCESS_CONTROL, names.contains(getJCRName(Privilege.JCR_READ_ACCESS_CONTROL, superuser)));
+ assertTrue(msg + Privilege.JCR_MODIFY_ACCESS_CONTROL, names.contains(getJCRName(Privilege.JCR_MODIFY_ACCESS_CONTROL, superuser)));
+ assertTrue(msg + Privilege.JCR_WRITE, names.contains(getJCRName(Privilege.JCR_WRITE, superuser)));
+ assertTrue(msg + Privilege.JCR_ALL, names.contains(getJCRName(Privilege.JCR_ALL, superuser)));
+ }
+
+ public void testPrivilegeFromName() throws RepositoryException {
+ Privilege[] privileges = acMgr.getSupportedPrivileges(testRootNode.getPath());
+ for (int i = 0; i < privileges.length; i++) {
+ Privilege p = acMgr.privilegeFromName(privileges[i].getName());
+ assertEquals("Expected equal privilege name.", privileges[i].getName(), p.getName());
+ assertEquals("Expected equal privilege.", privileges[i], p);
+ }
+ }
+
+ public void testMandatoryPrivilegeFromName() throws RepositoryException {
+ List l = new ArrayList();
+ l.add(getJCRName(Privilege.JCR_READ, superuser));
+ l.add(getJCRName(Privilege.JCR_ADD_CHILD_NODES, superuser));
+ l.add(getJCRName(Privilege.JCR_REMOVE_CHILD_NODES, superuser));
+ l.add(getJCRName(Privilege.JCR_MODIFY_PROPERTIES, superuser));
+ l.add(getJCRName(Privilege.JCR_REMOVE_NODE, superuser));
+ l.add(getJCRName(Privilege.JCR_READ_ACCESS_CONTROL, superuser));
+ l.add(getJCRName(Privilege.JCR_MODIFY_ACCESS_CONTROL, superuser));
+ l.add(getJCRName(Privilege.JCR_WRITE, superuser));
+ l.add(getJCRName(Privilege.JCR_ALL, superuser));
+
+ for (Iterator it = l.iterator(); it.hasNext();) {
+ String privName = it.next().toString();
+ Privilege p = acMgr.privilegeFromName(privName);
+ assertEquals("Expected equal privilege name.", privName, p.getName());
+ }
+ }
+
+ public void testUnknownPrivilegeFromName() throws RepositoryException {
+ String unknownPrivilegeName = Math.random() + "";
+ try {
+ acMgr.privilegeFromName(unknownPrivilegeName);
+ fail(unknownPrivilegeName + " isn't the name of a known privilege.");
+ } catch (AccessControlException e) {
+ // success
+ }
}
public void testAllPrivilegeContainsAll() throws RepositoryException, NotExecutableException {
Privilege[] supported = acMgr.getSupportedPrivileges(testRootNode.getPath());
Set allSet = new HashSet();
- Privilege all = getPrivilege(Privilege.ALL);
+ Privilege all = acMgr.privilegeFromName(Privilege.JCR_ALL);
allSet.addAll(Arrays.asList(all.getAggregatePrivileges()));
String msg = "The all privilege must also contain ";
@@ -87,22 +118,37 @@
}
public void testAllPrivilege() throws RepositoryException, NotExecutableException {
- Privilege all = getPrivilege(Privilege.ALL);
+ Privilege all = acMgr.privilegeFromName(Privilege.JCR_ALL);
assertFalse("All privilege must be not be abstract.", all.isAbstract());
assertTrue("All privilege must be an aggregate privilege.", all.isAggregate());
- assertEquals("The name of the all privilege must be " + Privilege.ALL, all.getName(), Privilege.ALL);
+ String expected = getJCRName(Privilege.JCR_ALL, superuser);
+ assertEquals("The name of the all privilege must be " + expected, expected, all.getName());
}
+ /**
+ *
+ * @throws RepositoryException
+ * @throws NotExecutableException
+ */
public void testWritePrivilege() throws RepositoryException, NotExecutableException {
- Privilege w = getPrivilege(Privilege.WRITE);
+ Privilege w = acMgr.privilegeFromName(Privilege.JCR_WRITE);
assertTrue("Write privilege must be an aggregate privilege.", w.isAggregate());
- assertEquals("The name of the write privilege must be " + Privilege.WRITE, w.getName(), Privilege.WRITE);
+ String expected = getJCRName(Privilege.JCR_WRITE, superuser);
+ assertEquals("The name of the write privilege must be " + expected, expected, w.getName());
}
+ /**
+ *
+ * @throws RepositoryException
+ */
public void testGetPrivileges() throws RepositoryException {
acMgr.getPrivileges(testRootNode.getPath());
}
+ /**
+ *
+ * @throws RepositoryException
+ */
public void testGetPrivilegesOnNonExistingNode() throws RepositoryException {
String path = getPathToNonExistingNode();
try {
@@ -113,6 +159,11 @@
}
}
+ /**
+ *
+ * @throws RepositoryException
+ * @throws NotExecutableException
+ */
public void testGetPrivilegesOnProperty() throws RepositoryException, NotExecutableException {
String path = getPathToProperty();
try {
@@ -123,11 +174,19 @@
}
}
+ /**
+ *
+ * @throws RepositoryException
+ */
public void testHasPrivileges() throws RepositoryException {
Privilege[] privs = acMgr.getPrivileges(testRootNode.getPath());
assertTrue(acMgr.hasPrivileges(testRootNode.getPath(), privs));
}
+ /**
+ *
+ * @throws RepositoryException
+ */
public void testHasIndividualPrivileges() throws RepositoryException {
Privilege[] privs = acMgr.getPrivileges(testRootNode.getPath());
@@ -137,9 +196,14 @@
}
}
+ /**
+ *
+ * @throws RepositoryException
+ * @throws NotExecutableException
+ */
public void testNotHasPrivileges() throws RepositoryException, NotExecutableException {
Privilege[] privs = acMgr.getPrivileges(testRootNode.getPath());
- Privilege all = getPrivilege(Privilege.ALL);
+ Privilege all = acMgr.privilegeFromName(Privilege.JCR_ALL);
// remove all privileges that are granted.
Set notGranted = new HashSet(Arrays.asList(all.getAggregatePrivileges()));
@@ -160,6 +224,10 @@
}
}
+ /**
+ *
+ * @throws RepositoryException
+ */
public void testHasPrivilegesOnNotExistingNode() throws RepositoryException {
String path = getPathToNonExistingNode();
try {
@@ -170,6 +238,11 @@
}
}
+ /**
+ *
+ * @throws RepositoryException
+ * @throws NotExecutableException
+ */
public void testHasPrivilegesOnProperty() throws RepositoryException, NotExecutableException {
String path = getPathToProperty();
try {
@@ -180,7 +253,23 @@
}
}
+ /**
+ *
+ * @throws RepositoryException
+ * @throws NotExecutableException
+ */
public void testHasPrivilegesEmptyArray() throws RepositoryException, NotExecutableException {
assertTrue(acMgr.hasPrivileges(testRootNode.getPath(), new Privilege[0]));
}
+
+ //--------------------------------------------------------------------------
+ /**
+ * Retrieve the 'real' jcr name from a given privilege name constant.
+ */
+ private static String getJCRName(String privilegeNameConstant, Session session) throws RepositoryException {
+ int pos = privilegeNameConstant.indexOf('}');
+ String uri = privilegeNameConstant.substring(1, pos);
+ String localName = privilegeNameConstant.substring(pos + 1);
+ return session.getNamespacePrefix(uri) + ":" + localName;
+ }
}
\ No newline at end of file
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,496 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.api.jsr283.security;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.jackrabbit.test.NotExecutableException;
+import org.apache.jackrabbit.core.SessionImpl;
+import org.apache.jackrabbit.core.security.TestPrincipal;
+
+import javax.jcr.Node;
+import javax.jcr.Session;
+import javax.jcr.RepositoryException;
+import javax.jcr.AccessDeniedException;
+import java.util.Iterator;
+import java.util.Arrays;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Set;
+import java.security.Principal;
+import java.security.acl.Group;
+
+/**
+ * <code>AccessControlEntryTest</code>...
+ */
+public class AccessControlListTest extends AbstractAccessControlTest {
+
+ private static Logger log = LoggerFactory.getLogger(AccessControlListTest.class);
+
+ private String path;
+ private Privilege[] privs;
+ private Principal testPrincipal;
+
+ private List privilegesToRestore = new ArrayList();
+
+ protected void setUp() throws Exception {
+ super.setUp();
+
+ // TODO: test if options is supported
+ //checkSupportedOption(superuser, Repository.OPTION_ACCESS_CONTROL_SUPPORTED);
+
+ // TODO: retrieve targetPath from configuration
+ Node n = testRootNode.addNode(nodeName1, testNodeType);
+ superuser.save();
+ path = n.getPath();
+
+ privs = acMgr.getSupportedPrivileges(path);
+ if (privs.length == 0) {
+ throw new NotExecutableException("No supported privileges at absPath " + path);
+ }
+
+ // TODO: make sure, entries to ADD are not present yet.
+ // TODO: retrieve principal name from tck-Configuration
+ // TODO: get rid of SessionImpl dependency
+ Session s = superuser;
+ if (s instanceof SessionImpl) {
+ for (Iterator it = ((SessionImpl) s).getSubject().getPrincipals().iterator(); it.hasNext();) {
+ Principal p = (Principal) it.next();
+ if (!(p instanceof Group)) {
+ testPrincipal = p;
+ }
+ }
+ if (testPrincipal == null) {
+ throw new NotExecutableException("Test principal missing.");
+ }
+ } else {
+ throw new NotExecutableException("SessionImpl expected");
+ }
+
+ // remember existing entries for test-principal -> later restore.
+ privilegesToRestore = currentPrivileges(getList(acMgr, path), testPrincipal);
+ }
+
+ protected void tearDown() throws Exception {
+ try {
+ // TODO: review if correct.
+ // restore original entries (remove others).
+ AccessControlList list = getList(acMgr, path);
+ AccessControlEntry[] entries = list.getAccessControlEntries();
+ for (int i = 0; i < entries.length; i++) {
+ AccessControlEntry ace = entries[i];
+ if (testPrincipal.equals(ace.getPrincipal())) {
+ list.removeAccessControlEntry(ace);
+ }
+ }
+ list.addAccessControlEntry(testPrincipal, (Privilege[]) privilegesToRestore.toArray(new Privilege[privilegesToRestore.size()]));
+ superuser.save();
+ } catch (Exception e) {
+ AccessControlListTest.log.error("Unexpected error while removing test entries.", e);
+ }
+ super.tearDown();
+ }
+
+ private static AccessControlList getList(AccessControlManager acMgr, String path)
+ throws NotExecutableException, AccessDeniedException, RepositoryException {
+ for (AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path); it.hasNext();) {
+ AccessControlPolicy acp = it.nextAccessControlPolicy();
+ if (acp instanceof AccessControlList) {
+ return (AccessControlList) acp;
+ }
+ }
+ throw new NotExecutableException("No applicable AccessControlList at " + path);
+ }
+
+ private static List currentPrivileges(AccessControlList acl, Principal principal) throws RepositoryException {
+ List privileges = new ArrayList();
+ AccessControlEntry[] entries = acl.getAccessControlEntries();
+ for (int i = 0; i < entries.length; i++) {
+ AccessControlEntry ace = entries[i];
+ if (principal.equals(ace.getPrincipal())) {
+ privileges.addAll(Arrays.asList(ace.getPrivileges()));
+ }
+ }
+ return privileges;
+ }
+
+ public void testGetAccessControlEntries() throws RepositoryException, AccessDeniedException, NotExecutableException {
+ checkCanReadAc(path);
+ AccessControlList acl = getList(acMgr, path);
+
+ // call must succeed.
+ AccessControlEntry[] entries = acl.getAccessControlEntries();
+ assertNotNull("AccessControlList#getAccessControlEntries must not return null.", entries);
+ for (int i = 0; i < entries.length; i++) {
+ assertNotNull("An ACE must contain a principal", entries[i].getPrincipal());
+ Privilege[] privs = entries[i].getPrivileges();
+ assertTrue("An ACE must contain at least a single privilege", privs != null && privs.length > 0);
+ }
+ }
+
+ public void testAddAccessControlEntry() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ Privilege[] privileges = new Privilege[] {privs[0]};
+ AccessControlList acl = getList(acMgr, path);
+
+ AccessControlEntry entry = null;
+ if (acl.addAccessControlEntry(testPrincipal, privileges)) {
+ AccessControlEntry[] aces = acl.getAccessControlEntries();
+ for (int i = 0; i < aces.length; i++) {
+ if (aces[i].getPrincipal().equals(testPrincipal) &&
+ Arrays.asList(privileges).equals(Arrays.asList(aces[i].getPrivileges()))) {
+ entry = aces[i];
+ }
+ }
+ if (entry == null) throw new NotExecutableException();
+ } else {
+ throw new NotExecutableException();
+
+ }
+ assertEquals("Principal name of the ACE must be equal to the name of the passed Principal", testPrincipal.getName(), entry.getPrincipal().getName());
+ assertEquals("Privileges of the ACE must be equal to the passed ones", Arrays.asList(privileges), Arrays.asList(entry.getPrivileges()));
+ }
+
+ public void testAddAggregatePrivilege() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ Privilege aggregate = null;
+ for (int i = 0; i < privs.length; i++) {
+ if (privs[i].isAggregate()) {
+ aggregate = privs[i];
+ break;
+ }
+ }
+ if (aggregate == null) {
+ throw new NotExecutableException("No aggregate privilege supported at " + path);
+ }
+
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});
+
+ // make sure all privileges are present now
+ List privs = currentPrivileges(acl, testPrincipal);
+ assertTrue("Privileges added through 'addAccessControlEntry' must be " +
+ "reflected upon getAccessControlEntries",
+ privs.contains(aggregate) || privs.containsAll(Arrays.asList(aggregate.getAggregatePrivileges())));
+ }
+
+ public void testAddAggregatedPrivilegesSeparately() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ Privilege aggregate = null;
+ for (int i = 0; i < privs.length; i++) {
+ if (privs[i].isAggregate()) {
+ aggregate = privs[i];
+ break;
+ }
+ }
+ if (aggregate == null) {
+ throw new NotExecutableException("No aggregate privilege supported at " + path);
+ }
+
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});
+
+ Privilege[] privs = aggregate.getAggregatePrivileges();
+ for (int i = 0; i < privs.length; i++) {
+ boolean modified = acl.addAccessControlEntry(testPrincipal, new Privilege[] {privs[i]});
+ assertFalse("Adding the aggregated privs individually later on must not modify the policy", modified);
+ }
+ }
+
+ public void testAddPrivilegesPresentInEntries() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(testPrincipal, privs);
+
+ Set assignedPrivs = new HashSet();
+ AccessControlEntry[] entries = acl.getAccessControlEntries();
+ for (int i = 0; i < entries.length; i++) {
+ if (entries[i].getPrincipal().equals(testPrincipal)) {
+ Privilege[] prvs = entries[i].getPrivileges();
+ for (int j = 0; j < prvs.length; j++) {
+ if (prvs[j].isAggregate()) {
+ assignedPrivs.addAll(Arrays.asList(prvs[j].getAggregatePrivileges()));
+ } else {
+ assignedPrivs.add(prvs[j]);
+ }
+ }
+ }
+ }
+
+ Set expected = new HashSet();
+ for (int i = 0; i < privs.length; i++) {
+ if (privs[i].isAggregate()) {
+ expected.addAll(Arrays.asList(privs[i].getAggregatePrivileges()));
+ } else {
+ expected.add(privs[i]);
+ }
+ }
+ assertTrue("getAccessControlEntries must contain an entry or entries that grant at least the added privileges.", assignedPrivs.containsAll(expected));
+ }
+
+ public void testAddAccessControlEntryAndSetPolicy() throws RepositoryException, NotExecutableException {
+ checkCanModifyAc(path);
+
+ AccessControlList acl = getList(acMgr, path);
+ List originalAces = Arrays.asList(acl.getAccessControlEntries());
+
+ if (!acl.addAccessControlEntry(testPrincipal, privs)) {
+ throw new NotExecutableException();
+ }
+
+ // re-access ACL from AC-Manager -> must not yet have changed
+ assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", originalAces, Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+
+ // setting the modified policy -> policy must change.
+ acMgr.setPolicy(path, acl);
+ assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", Arrays.asList(acl.getAccessControlEntries()), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+ }
+
+ public void testAddAccessControlEntryIsTransient() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ AccessControlList acl = getList(acMgr, path);
+ List originalAces = Arrays.asList(acl.getAccessControlEntries());
+
+ if (!acl.addAccessControlEntry(testPrincipal, privs)) {
+ throw new NotExecutableException();
+ }
+ // set the policy (see #testAddAccessControlEntryAndSetPolicy)
+ acMgr.setPolicy(path, acl);
+
+ // revert the changes made
+ superuser.refresh(false);
+ assertEquals("After calling Session.refresh() any changes to a nodes policies must be reverted.", originalAces, Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+ }
+
+ public void testAddAccessControlEntryInvalidPrincipal() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+ try {
+ // TODO: retrieve unknown principal name from config
+ Principal invalidPrincipal = new TestPrincipal("an_unknown_principal");
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(invalidPrincipal, privs);
+ fail("Adding an entry with an unknown principal must throw AccessControlException.");
+ } catch (AccessControlException e) {
+ // success.
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ public void testAddAccessControlEntryEmptyPrivilegeArray() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ try {
+ Privilege[] invalidPrivs = new Privilege[0];
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(testPrincipal, invalidPrivs);
+ fail("Adding an entry with an invalid privilege array must throw AccessControlException.");
+ } catch (AccessControlException e) {
+ // success.
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ public void testAddAccessControlEntryInvalidPrivilege() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ try {
+ Privilege[] invalidPrivs = new Privilege[] {new Privilege() {
+ public String getName() {
+ return null;
+ }
+ public boolean isAbstract() {
+ return false;
+ }
+ public boolean isAggregate() {
+ return false;
+ }
+ public Privilege[] getDeclaredAggregatePrivileges() {
+ return new Privilege[0];
+ }
+ public Privilege[] getAggregatePrivileges() {
+ return new Privilege[0];
+ }
+ }};
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(testPrincipal, invalidPrivs);
+ fail("Adding an entry with an invalid privilege must throw AccessControlException.");
+ } catch (AccessControlException e) {
+ // success.
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ public void testRemoveAccessControlEntry() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ AccessControlList acl = getList(acMgr, path);
+ AccessControlEntry[] entries = acl.getAccessControlEntries();
+ if (entries.length > 0) {
+ AccessControlEntry ace = entries[0];
+ acl.removeAccessControlEntry(ace);
+
+ // retrieve entries again:
+ List remainingEntries = Arrays.asList(acl.getAccessControlEntries());
+ assertFalse("AccessControlList.getAccessControlEntries still returns a removed ACE.", remainingEntries.contains(ace));
+ }
+ }
+
+ public void testRemoveAddedAccessControlEntry() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ AccessControlList acl = getList(acMgr, path);
+ acl.addAccessControlEntry(testPrincipal, privs);
+
+ AccessControlEntry[] aces = acl.getAccessControlEntries();
+ for (int i = 0; i < aces.length; i++) {
+ acl.removeAccessControlEntry(aces[i]);
+ }
+ assertEquals("After removing all ACEs the ACL must be empty", 0, acl.getAccessControlEntries().length);
+ }
+
+ public void testRemoveAccessControlEntryAndSetPolicy() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ // add a new ACE that can be removed later on.
+ AccessControlList acl = getList(acMgr, path);
+ if (!acl.addAccessControlEntry(testPrincipal, privs)) {
+ throw new NotExecutableException();
+ } else {
+ acMgr.setPolicy(path, acl);
+ }
+
+ // try to re-access the modifiable ACL in order to remove the ACE
+ // added before.
+ acl = getList(acMgr, path);
+ AccessControlEntry ace = null;
+ AccessControlEntry[] aces = acl.getAccessControlEntries();
+ if (aces.length == 0) {
+ throw new NotExecutableException();
+ } else {
+ ace = aces[0];
+ acl.removeAccessControlEntry(ace);
+ }
+
+ // before setting the policy again -> no changes visible.
+ assertEquals("Removal of an ACE must only be visible upon 'setPolicy'", Arrays.asList(aces), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+
+ // set policy again.
+ acMgr.setPolicy(path, acl);
+ assertEquals("After 'setPolicy' the ACE-removal must be visible to the editing session.", Arrays.asList(acl.getAccessControlEntries()), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
+ }
+
+ public void testRemoveAccessControlEntryIsTransient() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ AccessControlList acl = getList(acMgr, path);
+ // make sure an ACE is present and modifications are persisted.
+ if (acl.addAccessControlEntry(testPrincipal, privs)) {
+ acMgr.setPolicy(path, acl);
+ superuser.save();
+ } else {
+ throw new NotExecutableException();
+ }
+
+ // retrieve ACL again -> transient removal of the ace
+ acl = getList(acMgr, path);
+ AccessControlEntry ace = acl.getAccessControlEntries()[0];
+ acl.removeAccessControlEntry(ace);
+ acMgr.setPolicy(path, acl);
+
+ // revert changes -> removed entry must be present again.
+ superuser.refresh(false);
+ List entries = Arrays.asList(getList(acMgr, path).getAccessControlEntries());
+ assertTrue("After reverting any changes the removed ACE should be present again.", entries.contains(ace));
+ }
+
+ public void testRemoveIllegalAccessControlEntry() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+ try {
+ AccessControlEntry entry = new AccessControlEntry() {
+ public Principal getPrincipal() {
+ return testPrincipal;
+ }
+ public Privilege[] getPrivileges() {
+ return privs;
+ }
+ };
+ AccessControlList acl = getList(acMgr, path);
+ acl.removeAccessControlEntry(entry);
+ fail("AccessControlManager.removeAccessControlEntry with an unknown entry must throw AccessControlException.");
+ } catch (AccessControlException e) {
+ // ok
+ }
+ }
+
+ public void testAddAccessControlEntryTwice() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+ AccessControlList acl = getList(acMgr, path);
+ if (acl.addAccessControlEntry(testPrincipal, privs)) {
+ assertFalse("Adding the same ACE twice should not modify the AC-List.",
+ acl.addAccessControlEntry(testPrincipal, privs));
+ }
+ }
+
+ public void testAddAccessControlEntryAgain() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+
+ AccessControlList list = getList(acMgr, path);
+ AccessControlEntry[] entries = list.getAccessControlEntries();
+ if (entries.length > 0) {
+ assertFalse("Adding an existing entry again must not modify the AC-List",
+ list.addAccessControlEntry(entries[0].getPrincipal(), entries[0].getPrivileges()));
+ } else {
+ throw new NotExecutableException();
+ }
+ }
+
+ public void testExtendPrivileges() throws NotExecutableException, RepositoryException {
+ checkCanModifyAc(path);
+ // search 2 non-aggregated privileges
+ List twoPrivs = new ArrayList(2);
+ for (int i = 0; i < privs.length && twoPrivs.size() < 2; i++) {
+ if (!privs[i].isAggregate()) {
+ twoPrivs.add(privs[i]);
+ }
+ }
+ if (twoPrivs.size() < 2) {
+ throw new NotExecutableException("At least 2 supported, non-aggregate privileges required at " + path);
+ }
+
+ AccessControlList acl = getList(acMgr, path);
+ Privilege privilege = (Privilege) twoPrivs.get(0);
+ // add first privilege:
+ acl.addAccessControlEntry(testPrincipal, new Privilege[] {privilege});
+
+ // add a second privilege (but not specifying the privilege added before)
+ // -> the first privilege must not be removed.
+ Privilege privilege2 = (Privilege) twoPrivs.get(1);
+ acl.addAccessControlEntry(testPrincipal, new Privilege[] {privilege2});
+
+ List currentPrivileges = currentPrivileges(acl, testPrincipal);
+ assertTrue("'AccessControlList.addAccessControlEntry' must not remove privileges added before", currentPrivileges.containsAll(twoPrivs));
+ }
+}
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlListTest.java
------------------------------------------------------------------------------
svn:keywords = author date id revision url
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyIteratorTest.java Wed Aug 27 08:12:04 2008
@@ -37,7 +37,7 @@
protected void setUp() throws Exception {
super.setUp();
- // policy-option is cover the by the 'OPTION_SIMPLE_ACCESS_CONTROL_SUPPORTED' -> see super-class
+ // policy-option is cover the by the 'OPTION_ACCESS_CONTROL_SUPPORTED' -> see super-class
Node n = testRootNode.addNode(nodeName1, testNodeType);
superuser.save();
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/AccessControlPolicyTest.java Wed Aug 27 08:12:04 2008
@@ -26,11 +26,13 @@
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
+import java.util.Arrays;
+import java.util.Map;
+import java.util.HashMap;
/**
* <code>AccessControlPolicyTest</code>...
@@ -40,12 +42,12 @@
private static Logger log = LoggerFactory.getLogger(AccessControlPolicyTest.class);
private String path;
- private List addedPolicies = new ArrayList();
+ private Map addedPolicies = new HashMap();
protected void setUp() throws Exception {
super.setUp();
- // policy-option is cover the by the 'OPTION_SIMPLE_ACCESS_CONTROL_SUPPORTED' -> see super-class
+ // policy-option is cover the by the 'OPTION_ACCESS_CONTROL_SUPPORTED' -> see super-class
Node n = testRootNode.addNode(nodeName1, testNodeType);
superuser.save();
@@ -54,81 +56,60 @@
protected void tearDown() throws Exception {
try {
- for (Iterator it = addedPolicies.iterator(); it.hasNext();) {
+ for (Iterator it = addedPolicies.keySet().iterator(); it.hasNext();) {
String path = it.next().toString();
- acMgr.removePolicy(path);
+ AccessControlPolicy policy = (AccessControlPolicy) addedPolicies.get(path);
+ acMgr.removePolicy(path, policy);
}
superuser.save();
} catch (Exception e) {
log.error("Unexpected error while removing test policies.", e);
}
+ addedPolicies.clear();
super.tearDown();
}
- private AccessControlPolicy buildInvalidPolicy(String path) throws RepositoryException, AccessDeniedException {
- List applicable = new ArrayList();
- AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
- while (it.hasNext()) {
- applicable.add(it.nextAccessControlPolicy().getName());
- }
-
- String name = "invalidPolicy";
- int index = 0;
- while (applicable.contains(name)) {
- name = "invalidPolicy" + index;
- index++;
- }
- final String policyName = name;
- return new AccessControlPolicy() {
-
- public String getName() throws RepositoryException {
- return policyName;
- }
- public String getDescription() throws RepositoryException {
- return null;
- }
- };
- }
-
- public void testGetEffectivePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
+ public void testGetEffectivePolicies() throws RepositoryException, AccessDeniedException, NotExecutableException {
checkCanReadAc(path);
// call must succeed without exception
- AccessControlPolicy policy = acMgr.getEffectivePolicy(path);
- if (policy != null) {
- assertTrue("The name of an AccessControlPolicy must not be null.", policy.getName() != null);
- } else {
- // no policy present on that node. // TODO: check if possible.
+ AccessControlPolicy[] policies = acMgr.getEffectivePolicies(path);
+ if (policies == null && policies.length == 0) {
+ fail("To every existing node at least a single effective policy applies.");
}
}
- public void testGetEffectivePolicyForNonExistingNode() throws RepositoryException, AccessDeniedException, NotExecutableException {
+ public void testGetEffectivePoliciesForNonExistingNode() throws RepositoryException, AccessDeniedException, NotExecutableException {
String path = getPathToNonExistingNode();
try {
- acMgr.getEffectivePolicy(path);
+ acMgr.getEffectivePolicies(path);
fail("AccessControlManager.getEffectivePolicy for an invalid absPath must throw PathNotFoundException.");
} catch (PathNotFoundException e) {
// ok
}
}
- public void testGetEffectivePolicyForProperty() throws RepositoryException, AccessDeniedException, NotExecutableException {
+ public void testGetEffectivePoliciesForProperty() throws RepositoryException, AccessDeniedException, NotExecutableException {
String path = getPathToProperty();
try {
- acMgr.getEffectivePolicy(path);
+ acMgr.getEffectivePolicies(path);
fail("AccessControlManager.getEffectivePolicy for property must throw PathNotFoundException.");
} catch (PathNotFoundException e) {
// ok
}
}
- public void testGetPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
+ public void testGetPolicies() throws RepositoryException, AccessDeniedException, NotExecutableException {
checkCanReadAc(path);
// call must succeed without exception
- AccessControlPolicy policy = acMgr.getPolicy(path);
- if (policy != null) {
- assertTrue("The name of an AccessControlPolicy must not be null.", policy.getName() != null);
- } else {
- // no policy present on that node.
+ AccessControlPolicy[] policies = acMgr.getPolicies(path);
+
+ assertNotNull("AccessControlManager.getPolicies must never return null.", policies);
+ for (int i = 0; i < policies.length; i++) {
+ if (policies[i] instanceof NamedAccessControlPolicy) {
+ assertNotNull("The name of an NamedAccessControlPolicy must not be null.", ((NamedAccessControlPolicy) policies[i]).getName());
+ } else if (policies[i] instanceof AccessControlList) {
+ assertNotNull("The entries of an AccessControlList must not be null.", ((AccessControlList) policies[i]).getAccessControlEntries());
+ }
}
}
@@ -143,12 +124,12 @@
checkCanReadAc(path);
// call must succeed without exception
AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
- Set names = new HashSet();
+ Set AccessControlList = new HashSet();
while (it.hasNext()) {
AccessControlPolicy policy = it.nextAccessControlPolicy();
- if (!names.add(policy.getName())) {
- fail("The names of the policies present should be unique among the choices presented for a specific node. Name " + policy.getName() + " occured multiple times.");
+ if (!AccessControlList.add(policy)) {
+ fail("The applicable policies present should be unique among the choices. Policy " + policy + " occured multiple times.");
}
}
}
@@ -167,7 +148,7 @@
public void testSetIllegalPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
checkCanModifyAc(path);
try {
- acMgr.setPolicy(path, buildInvalidPolicy(path));
+ acMgr.setPolicy(path, new AccessControlPolicy() {});
fail("SetPolicy with an unknown policy should throw AccessControlException.");
} catch (AccessControlException e) {
// success.
@@ -183,8 +164,14 @@
AccessControlPolicy policy = it.nextAccessControlPolicy();
acMgr.setPolicy(path, policy);
- AccessControlPolicy p = acMgr.getPolicy(path);
- assertEquals("GetPolicy must return the policy that has been set before.", policy, p);
+ AccessControlPolicy[] policies = acMgr.getPolicies(path);
+ for (int i = 0; i < policies.length; i++) {
+ if (policy.equals(policies[i])) {
+ // ok
+ return;
+ }
+ }
+ fail("GetPolicies must at least return the policy that has been set before.");
} else {
throw new NotExecutableException();
}
@@ -193,18 +180,18 @@
public void testSetPolicyIsTransient() throws RepositoryException, AccessDeniedException, NotExecutableException {
checkCanModifyAc(path);
- AccessControlPolicy current = acMgr.getPolicy(path);
+ List currentPolicies = Arrays.asList(acMgr.getPolicies(path));
AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
if (it.hasNext()) {
AccessControlPolicy policy = it.nextAccessControlPolicy();
acMgr.setPolicy(path, policy);
superuser.refresh(false);
- String mgs = "Reverting 'setPolicy' must change back the return value of getPolicy.";
- if (current == null) {
- assertEquals(mgs, acMgr.getPolicy(path), current);
+ String mgs = "Reverting 'setPolicy' must change back the return value of getPolicies.";
+ if (currentPolicies.isEmpty()) {
+ assertTrue(mgs, acMgr.getPolicies(path).length == 0);
} else {
- assertTrue(mgs, acMgr.getPolicy(path).equals(current));
+ assertEquals(mgs, currentPolicies, Arrays.asList(acMgr.getPolicies(path)));
}
} else {
throw new NotExecutableException();
@@ -223,7 +210,7 @@
superuser.save();
// remember for tearDown
- addedPolicies.add(path);
+ addedPolicies.put(path, policy);
} else {
throw new NotExecutableException();
}
@@ -231,8 +218,9 @@
Session s2 = null;
try {
s2 = helper.getSuperuserSession();
- AccessControlPolicy p = getAccessControlManager(s2).getPolicy(path);
- assertEquals("Policy must be visible to another superuser session.", policy, p);
+ List plcs = Arrays.asList(getAccessControlManager(s2).getPolicies(path));
+ // TODO: check again if policies can be compared with equals!
+ assertTrue("Policy must be visible to another superuser session.", plcs.contains(policy));
} finally {
if (s2 != null) {
s2.logout();
@@ -250,7 +238,7 @@
acMgr.setPolicy(path, policy);
superuser.save();
// remember for tearDown
- addedPolicies.add(path);
+ addedPolicies.put(path, policy);
} else {
throw new NotExecutableException();
}
@@ -295,8 +283,14 @@
if (it.hasNext()) {
AccessControlPolicy policy = it.nextAccessControlPolicy();
acMgr.setPolicy(path, policy);
- AccessControlPolicy removed = acMgr.removePolicy(path);
- assertEquals("RemovePolicy must return the policy that has been set before.", policy, removed);
+ acMgr.removePolicy(path, policy);
+
+ AccessControlPolicy[] plcs = acMgr.getPolicies(path);
+ for (int i = 0; i < plcs.length; i++) {
+ if (plcs[i].equals(policy)) {
+ fail("RemovePolicy must remove the policy that has been set before.");
+ }
+ }
} else {
throw new NotExecutableException();
}
@@ -306,8 +300,10 @@
checkCanReadAc(path);
checkCanModifyAc(path);
- AccessControlPolicy current = acMgr.getPolicy(path);
- if (acMgr.getPolicy(path) == null) {
+ AccessControlPolicy[] currentPolicies = acMgr.getPolicies(path);
+ int size = currentPolicies.length;
+ AccessControlPolicy toRemove;
+ if (size == 0) {
// no policy to remove ->> apply one
AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
if (it.hasNext()) {
@@ -316,23 +312,26 @@
superuser.save();
// remember for teardown
- addedPolicies.add(path);
+ addedPolicies.put(path, policy);
- current = policy;
+ toRemove = policy;
+ currentPolicies = acMgr.getPolicies(path);
+ size = currentPolicies.length;
} else {
throw new NotExecutableException();
}
+ } else {
+ toRemove = currentPolicies[0];
}
// test transient behaviour of the removal
- acMgr.removePolicy(path);
- AccessControlPolicy p = acMgr.getPolicy(path);
- assertTrue("After transient remove AccessControlManager.getPolicy must return null.", p == null);
+ acMgr.removePolicy(path, toRemove);
+
+ assertEquals("After transient remove AccessControlManager.getPolicies must return less policies.", size - 1, acMgr.getPolicies(path).length);
// revert changes
superuser.refresh(false);
- p = acMgr.getPolicy(path);
- assertEquals("Reverting a Policy removal must restore the original state.", p, current);
+ assertEquals("Reverting a Policy removal must restore the original state.", Arrays.asList(currentPolicies), Arrays.asList(acMgr.getPolicies(path)));
}
public void testNodeIsModifiedAfterRemovePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
@@ -340,7 +339,7 @@
checkCanModifyAc(path);
Item item = superuser.getItem(path);
- if (acMgr.getPolicy(path) == null) {
+ if (acMgr.getPolicies(path).length == 0) {
// no policy to remove ->> apply one
AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
if (it.hasNext()) {
@@ -349,15 +348,19 @@
superuser.save();
// remember for teardown
- addedPolicies.add(path);
+ addedPolicies.put(path, policy);
} else {
throw new NotExecutableException();
}
}
// test transient behaviour of the removal
- try {acMgr.removePolicy(path);
- assertTrue("After removing a policy the node must be marked modified.", item.isModified());
+ try {
+ AccessControlPolicy[] plcs = acMgr.getPolicies(path);
+ if (plcs.length > 0) {
+ acMgr.removePolicy(path, plcs[0]);
+ assertTrue("After removing a policy the node must be marked modified.", item.isModified());
+ }
} finally {
item.refresh(false);
}
@@ -371,7 +374,7 @@
throw new NotExecutableException();
}
- assertNull("A new Node must not have an access control policy set.", acMgr.getPolicy(n.getPath()));
+ assertTrue("A new Node must not have an access control policy set.", acMgr.getPolicies(n.getPath()).length == 0);
}
public void testSetPolicyOnNewNode() throws NotExecutableException, RepositoryException, AccessDeniedException {
@@ -387,29 +390,25 @@
AccessControlPolicy policy = it.nextAccessControlPolicy();
acMgr.setPolicy(n.getPath(), policy);
- AccessControlPolicy p = acMgr.getPolicy(n.getPath());
- assertNotNull("After calling setPolicy the manager must return a non-null policy for the new Node.", p);
- assertEquals("The name of applicable policy must be equal to the name of the set policy", policy.getName(), p.getName());
+ AccessControlPolicy[] plcs = acMgr.getPolicies(n.getPath());
+ assertNotNull("After calling setPolicy the manager must return a non-null policy array for the new Node.", plcs);
+ assertTrue("After calling setPolicy the manager must return a policy array with a length greater than zero for the new Node.", plcs.length > 0);
}
}
public void testRemoveTransientlyAddedPolicy() throws RepositoryException, AccessDeniedException {
- AccessControlPolicy ex = acMgr.getPolicy(path);
+ AccessControlPolicy[] ex = acMgr.getPolicies(path);
AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
while (it.hasNext()) {
AccessControlPolicy policy = it.nextAccessControlPolicy();
acMgr.setPolicy(path, policy);
- acMgr.removePolicy(path);
+ acMgr.removePolicy(path, policy);
String msg = "transiently added AND removing a policy must revert " +
"the changes made. " +
- "ACMgr.getPolicy must then return the original value.";
- if (ex == null) {
- assertNull(msg, acMgr.getPolicy(path));
- } else {
- assertEquals(msg, ex.getName(), acMgr.getPolicy(path).getName());
- }
+ "ACMgr.getPolicies must then return the original value.";
+ assertEquals(msg, Arrays.asList(ex), Arrays.asList(acMgr.getPolicies(path)));
}
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlDiscoveryTest.java Wed Aug 27 08:12:04 2008
@@ -20,8 +20,8 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import java.util.ArrayList;
import java.util.List;
+import java.util.Arrays;
/**
* <code>RSessionAccessControlDiscoveryTest</code>: A read-only session must
@@ -49,16 +49,6 @@
super.tearDown();
}
- private Privilege getPrivilege(String name) throws RepositoryException, NotExecutableException {
- Privilege[] privileges = acMgr.getSupportedPrivileges(testPath);
- for (int i = 0; i < privileges.length; i++) {
- if (name.equals(privileges[i].getName())) {
- return privileges[i];
- }
- }
- throw new NotExecutableException();
- }
-
public void testGetSupportedPrivileges() throws RepositoryException {
Privilege[] privileges = testAcMgr.getSupportedPrivileges(testPath);
assertNotNull("getSupportedPrivileges must return a non-null value even for read-only session.", privileges);
@@ -66,23 +56,20 @@
}
public void testGetPrivileges() throws RepositoryException {
- Privilege[] privs = testAcMgr.getPrivileges(testPath);
- List names = new ArrayList(privs.length);
- for (int i = 0; i < privs.length; i++) {
- names.add(privs[i].getName());
- }
+ List privs = Arrays.asList(testAcMgr.getPrivileges(testPath));
+ Privilege readPrivilege = testAcMgr.privilegeFromName(Privilege.JCR_READ);
assertTrue("A read-only session must have READ access to the test node.",
- names.contains(Privilege.READ));
+ privs.contains(readPrivilege));
}
public void testHasPrivileges() throws RepositoryException, NotExecutableException {
- Privilege priv = getPrivilege(Privilege.READ);
+ Privilege priv = testAcMgr.privilegeFromName(Privilege.JCR_READ);
assertTrue("Read-only session must have READ privilege on test node.",
testAcMgr.hasPrivileges(testPath, new Privilege[] {priv}));
}
public void testNotHasPrivileges() throws RepositoryException, NotExecutableException {
- Privilege all = getPrivilege(Privilege.ALL);
+ Privilege all = testAcMgr.privilegeFromName(Privilege.JCR_ALL);
assertFalse("Read-only session must not have ALL privilege",
testAcMgr.hasPrivileges(testPath, new Privilege[] {all}));
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/RSessionAccessControlPolicyTest.java Wed Aug 27 08:12:04 2008
@@ -39,7 +39,7 @@
protected void setUp() throws Exception {
super.setUp();
- // policy-option is cover the by the 'OPTION_SIMPLE_ACCESS_CONTROL_SUPPORTED' -> see super-class
+ // policy-option is cover the by the 'OPTION_ACCESS_CONTROL_SUPPORTED' -> see super-class
Node n = testRootNode.addNode(nodeName1, testNodeType);
superuser.save();
@@ -58,7 +58,7 @@
public void testGetPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
try {
- testAcMgr.getPolicy(path);
+ testAcMgr.getPolicies(path);
fail("read only session may not read AC content.");
} catch (AccessDeniedException e) {
// success
@@ -67,7 +67,7 @@
public void testGetEffectivePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
try {
- testAcMgr.getEffectivePolicy(path);
+ testAcMgr.getEffectivePolicies(path);
fail("read only session may not read AC content.");
} catch (AccessDeniedException e) {
// success
@@ -117,13 +117,4 @@
// fine as well (privileges were apparently checked first)
}
}
-
- public void testRemovePolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
- try {
- testAcMgr.removePolicy(path);
- fail("read only session may not remove a policy.");
- } catch (AccessDeniedException e) {
- // success.
- }
- }
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/jsr283/security/TestAll.java Wed Aug 27 08:12:04 2008
@@ -41,11 +41,10 @@
suite.addTestSuite(AccessControlDiscoveryTest.class);
suite.addTestSuite(AccessControlPolicyTest.class);
suite.addTestSuite(AccessControlPolicyIteratorTest.class);
- suite.addTestSuite(AccessControlEntryTest.class);
+ suite.addTestSuite(AccessControlListTest.class);
// tests with read only session:
suite.addTestSuite(RSessionAccessControlDiscoveryTest.class);
- suite.addTestSuite(RSessionAccessControlEntryTest.class);
suite.addTestSuite(RSessionAccessControlPolicyTest.class);
return suite;
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java Wed Aug 27 08:12:04 2008
@@ -20,12 +20,11 @@
import org.apache.jackrabbit.core.SessionImpl;
import org.apache.jackrabbit.test.AbstractJCRTest;
import org.apache.jackrabbit.test.NotExecutableException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import java.security.Principal;
+import java.security.acl.Group;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
@@ -36,10 +35,8 @@
*/
public class PrincipalManagerTest extends AbstractJCRTest {
- private static Logger log = LoggerFactory.getLogger(PrincipalManagerTest.class);
-
private PrincipalManager principalMgr;
- private Principal everyone;
+ private Group everyone;
protected void setUp() throws Exception {
super.setUp();
@@ -47,7 +44,7 @@
throw new NotExecutableException();
}
principalMgr = ((JackrabbitSession) superuser).getPrincipalManager();
- everyone = principalMgr.getEveryone();
+ everyone = (Group) principalMgr.getEveryone();
}
private static Principal[] getPrincipals(Session session) {
@@ -67,7 +64,6 @@
}
public void testSuperUserIsEveryOne() {
- java.security.acl.Group everyone = (java.security.acl.Group) principalMgr.getEveryone();
Principal[] pcpls = getPrincipals(superuser);
for (int i = 0; i < pcpls.length; i++) {
if (!(pcpls[i].equals(everyone))) {
@@ -77,7 +73,6 @@
}
public void testReadOnlyIsEveryOne() throws RepositoryException {
- java.security.acl.Group everyone = (java.security.acl.Group) principalMgr.getEveryone();
Principal[] pcpls = getPrincipals(helper.getReadOnlySession());
for (int i = 0; i < pcpls.length; i++) {
if (!(pcpls[i].equals(everyone))) {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/AbstractUserTest.java Wed Aug 27 08:12:04 2008
@@ -24,8 +24,6 @@
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.util.Text;
import org.apache.jackrabbit.uuid.UUID;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import javax.jcr.Credentials;
import javax.jcr.RepositoryException;
@@ -45,8 +43,6 @@
*/
public abstract class AbstractUserTest extends AbstractJCRTest {
- private static Logger log = LoggerFactory.getLogger(AbstractUserTest.class);
-
protected UserManager userMgr;
protected void setUp() throws Exception {
@@ -113,16 +109,9 @@
}
protected User getTestUser(Session session) throws NotExecutableException, RepositoryException {
- Set principals = getPrincipalSetFromSession(session);
- for (Iterator it = principals.iterator(); it.hasNext();) {
- try {
- Authorizable auth = userMgr.getAuthorizable((Principal) it.next());
- if (auth != null && !auth.isGroup()) {
- return (User) auth;
- }
- } catch (RepositoryException e) {
- // ignore
- }
+ Authorizable auth = getUserManager(session).getAuthorizable(session.getUserID());
+ if (auth != null && !auth.isGroup()) {
+ return (User) auth;
}
// should never happen. An Session should always have a corresponding User.
throw new RepositoryException("Unable to retrieve a User.");
@@ -131,13 +120,9 @@
protected Group getTestGroup(Session session) throws NotExecutableException, RepositoryException {
Set principals = getPrincipalSetFromSession(session);
for (Iterator it = principals.iterator(); it.hasNext();) {
- try {
- Authorizable auth = userMgr.getAuthorizable((Principal) it.next());
- if (auth != null && auth.isGroup()) {
- return (Group) auth;
- }
- } catch (RepositoryException e) {
- // ignore
+ Authorizable auth = getUserManager(session).getAuthorizable((Principal) it.next());
+ if (auth != null && auth.isGroup()) {
+ return (Group) auth;
}
}
// may happen -> don't throw RepositoryException
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserManagerTest.java Wed Aug 27 08:12:04 2008
@@ -17,8 +17,6 @@
package org.apache.jackrabbit.api.security.user;
import org.apache.jackrabbit.test.NotExecutableException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import javax.jcr.RepositoryException;
import java.security.Principal;
@@ -30,9 +28,7 @@
*/
public class UserManagerTest extends AbstractUserTest {
- private static Logger log = LoggerFactory.getLogger(UserManagerTest.class);
-
- // TODO: add generic tests for UserManager.findAuthorizable
+ // TODO: add generic tests for UserManager.findAuthorizables
// TODO: test creating users/groups if root is locked OR checked-in.
public void testGetAuthorizableByPrincipal() throws RepositoryException, NotExecutableException {
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,177 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.config;
+
+import org.apache.jackrabbit.core.DefaultSecurityManager;
+import org.apache.jackrabbit.core.security.DefaultAccessManager;
+import org.apache.jackrabbit.core.security.authentication.DefaultLoginModule;
+import org.apache.jackrabbit.core.security.simple.SimpleAccessManager;
+import org.apache.jackrabbit.core.security.simple.SimpleSecurityManager;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.IOException;
+import java.io.StringReader;
+import java.util.Properties;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Iterator;
+
+/** <code>SecurityConfigTest</code>... */
+public class SecurityConfigTest extends AbstractJCRTest {
+
+ private static Logger log = LoggerFactory.getLogger(SecurityConfigTest.class);
+
+ private RepositoryConfigurationParser parser;
+
+ protected void setUp() throws Exception {
+ super.setUp();
+ parser = new RepositoryConfigurationParser(new Properties());
+ }
+
+ protected void tearDown() throws Exception {
+ super.tearDown();
+ }
+
+ public void testConfig1() throws ConfigurationException {
+ Element xml = parseXML(new InputSource(new StringReader(CONFIG_1)), true);
+ SecurityConfig config = parser.parseSecurityConfig(xml);
+
+ assertNotNull(config.getAppName());
+ assertEquals("Jackrabbit", config.getAppName());
+
+ SecurityManagerConfig smc = config.getSecurityManagerConfig();
+ assertNotNull(smc);
+ assertTrue(smc.newInstance() instanceof SimpleSecurityManager);
+ assertNull(smc.getWorkspaceAccessConfig());
+ assertNull(smc.getWorkspaceName());
+
+ assertNotNull(config.getAccessManagerConfig());
+ assertTrue(config.getAccessManagerConfig().newInstance() instanceof SimpleAccessManager);
+
+ assertNull(config.getLoginModuleConfig());
+ }
+
+ public void testConfig2() throws ConfigurationException {
+ Element xml = parseXML(new InputSource(new StringReader(CONFIG_2)), true);
+ SecurityConfig config = parser.parseSecurityConfig(xml);
+
+ assertNotNull(config.getAppName());
+ assertEquals("Jackrabbit", config.getAppName());
+
+ SecurityManagerConfig smc = config.getSecurityManagerConfig();
+ assertNotNull(smc);
+ assertTrue(smc.newInstance() instanceof DefaultSecurityManager);
+ assertNull(smc.getWorkspaceAccessConfig());
+ assertEquals("security", smc.getWorkspaceName());
+
+ AccessManagerConfig amc = config.getAccessManagerConfig();
+ assertNotNull(amc);
+ assertTrue(amc.newInstance() instanceof DefaultAccessManager);
+
+ LoginModuleConfig lmc = config.getLoginModuleConfig();
+ assertNotNull(lmc);
+ assertTrue(lmc.getLoginModule() instanceof DefaultLoginModule);
+ Properties options = lmc.getParameters();
+ assertNotNull(options);
+ assertEquals("anonymous", options.getProperty("anonymousId"));
+ assertEquals("admin", options.getProperty("adminId"));
+ assertEquals("org.apache.jackrabbit.TestPrincipalProvider", options.getProperty("principalProvider"));
+ }
+
+ public void testInvalidConfig() {
+ List invalid = new ArrayList();
+ invalid.add(new InputSource(new StringReader(INVALID_CONFIG_1)));
+ invalid.add(new InputSource(new StringReader(INVALID_CONFIG_2)));
+ invalid.add(new InputSource(new StringReader(INVALID_CONFIG_3)));
+
+ for (Iterator it = invalid.iterator(); it.hasNext();) {
+ try {
+ Element xml = parseXML((InputSource) it.next(), false);
+ parser.parseSecurityConfig(xml);
+ fail("Invalid config -> should fail.");
+ } catch (ConfigurationException e) {
+ // ok
+ }
+ }
+ }
+
+ private static Element parseXML(InputSource xml, boolean validate) throws ConfigurationException {
+ try {
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setValidating(validate);
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ if (validate) {
+ builder.setErrorHandler(new ConfigurationErrorHandler());
+ }
+ builder.setEntityResolver(ConfigurationEntityResolver.INSTANCE);
+ Document document = builder.parse(xml);
+ return document.getDocumentElement();
+ } catch (ParserConfigurationException e) {
+ throw new ConfigurationException("Unable to create configuration XML parser", e);
+ } catch (SAXParseException e) {
+ throw new ConfigurationException("Configuration file syntax error. (Line: " + e.getLineNumber() + " Column: " + e.getColumnNumber() + ")", e);
+ } catch (SAXException e) {
+ throw new ConfigurationException("Configuration file syntax error. ", e);
+ } catch (IOException e) {
+ throw new ConfigurationException("Configuration file could not be read.", e);
+ }
+ }
+
+ private static final String CONFIG_1 =
+ " <Security appName=\"Jackrabbit\">" +
+ " <SecurityManager class=\"org.apache.jackrabbit.core.security.simple.SimpleSecurityManager\"></SecurityManager>" +
+ " <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
+ " </Security>";
+
+ private static final String CONFIG_2 =
+ " <Security appName=\"Jackrabbit\">" +
+ " <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\" workspaceName=\"security\">" +
+ " </SecurityManager>" +
+ " <AccessManager class=\"org.apache.jackrabbit.core.security.DefaultAccessManager\">" +
+ " </AccessManager>" +
+ " <LoginModule class=\"org.apache.jackrabbit.core.security.authentication.DefaultLoginModule\">" +
+ " <param name=\"anonymousId\" value=\"anonymous\"/>" +
+ " <param name=\"adminId\" value=\"admin\"/>" +
+ " <param name=\"principalProvider\" value=\"org.apache.jackrabbit.TestPrincipalProvider\"/>" +
+ " </LoginModule>\n" +
+ " </Security>";
+
+ private static final String INVALID_CONFIG_1 =
+ " <Security appName=\"Jackrabbit\">" +
+ " <SecurityManager class=\"org.apache.jackrabbit.core.security.simple.SimpleSecurityManager\"></SecurityManager>" +
+ " </Security>";
+
+ private static final String INVALID_CONFIG_2 =
+ " <Security>" +
+ " <SecurityManager class=\"org.apache.jackrabbit.core.security.simple.SimpleSecurityManager\"></SecurityManager>" +
+ " <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
+ " </Security>";
+ private static final String INVALID_CONFIG_3 =
+ " <Security appName=\"Jackrabbit\">" +
+ " <AccessManager class=\"org.apache.jackrabbit.core.security.simple.SimpleAccessManager\"></AccessManager>" +
+ " </Security>";
+}
\ No newline at end of file
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
------------------------------------------------------------------------------
svn:keywords = author date id revision url
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java Wed Aug 27 08:12:04 2008
@@ -154,29 +154,6 @@
assertTrue(acMgr.isGranted(id, AccessManager.WRITE | AccessManager.REMOVE));
}
-/*
-// TODO: uncomment as soon as SimpleAccessManager is replaced
- public void testIsGrantedForRemovedItem() throws RepositoryException, NotExecutableException {
- AccessManager acMgr = getAccessManager(superuser);
- Property p = testRootNode.setProperty(propertyName1, "anyvalue");
- ItemId id;
- if (p instanceof PropertyImpl) {
- id = ((PropertyImpl)p).getId();
- } else {
- throw new NotExecutableException();
- }
-
- assertTrue(acMgr.isGranted(id, AccessManager.READ));
- p.remove();
- try {
- acMgr.isGranted(id, AccessManager.READ);
- fail("AccessManager.isGranted should throw ItemNotFoundException if id of a removed item is passed.");
- } catch (ItemNotFoundException e) {
- // ok
- }
- }
-*/
-
public void testCanAccess() throws RepositoryException, NotExecutableException {
Session s = helper.getReadOnlySession();
String wspName = s.getWorkspace().getName();
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java?rev=689499&r1=689498&r2=689499&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/TestAll.java Wed Aug 27 08:12:04 2008
@@ -28,7 +28,7 @@
* @return a <code>Test</code> suite that executes all security test.
*/
public static Test suite() {
- TestSuite suite = new TestSuite("Security tests");
+ TestSuite suite = new TestSuite("core.security tests");
suite.addTestSuite(AccessManagerTest.class);
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authentication;
+
+import org.apache.jackrabbit.api.jsr283.GuestCredentials;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+/** <code>GuestLoginTest</code>... */
+public class GuestLoginTest extends AbstractJCRTest {
+
+ private Session guest;
+
+ protected void setUp() throws Exception {
+ super.setUp();
+ guest = helper.getRepository().login(new GuestCredentials());
+ }
+
+ protected void tearDown() throws Exception {
+ if (guest != null) {
+ guest.logout();
+ }
+ super.tearDown();
+ }
+
+ /**
+ * Implementation specific test: userID must never be null.
+ *
+ * @throws RepositoryException
+ */
+ public void testUserID() throws RepositoryException {
+ assertNotNull(guest.getUserID());
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/GuestLoginTest.java
------------------------------------------------------------------------------
svn:keywords = author date id revision url
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authentication;
+
+import org.apache.jackrabbit.test.AbstractJCRTest;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+/** <code>NullLoginTest</code>... */
+public class NullLoginTest extends AbstractJCRTest {
+
+ protected void setUp() throws Exception {
+ super.setUp();
+ }
+
+ protected void tearDown() throws Exception {
+ super.tearDown();
+ }
+
+ public void testNullLogin() throws RepositoryException {
+ Session s = helper.getRepository().login();
+ Session s2 = helper.getRepository().login(null, null);
+
+ assertNotNull(s.getUserID());
+ assertEquals(s.getUserID(), s2.getUserID());
+ assertEquals(s.getWorkspace().getName(), s2.getWorkspace().getName());
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/NullLoginTest.java
------------------------------------------------------------------------------
svn:keywords = author date id revision url
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java?rev=689499&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java Wed Aug 27 08:12:04 2008
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authentication;
+
+import junit.framework.TestCase;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/** <code>TestAll</code>... */
+public class TestAll extends TestCase {
+
+ private static Logger log = LoggerFactory.getLogger(TestAll.class);
+
+ public static Test suite() {
+ TestSuite suite = new TestSuite("core.security.authentication tests");
+
+ suite.addTestSuite(GuestLoginTest.class);
+ suite.addTestSuite(NullLoginTest.class);
+
+ return suite;
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/TestAll.java
------------------------------------------------------------------------------
svn:keywords = author date id revision url