You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by tr...@apache.org on 2015/06/02 19:56:36 UTC
svn commit: r1683152 - in
/jackrabbit/commons/filevault/trunk/vault-core/src/test:
java/org/apache/jackrabbit/vault/packaging/integration/
resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/
Author: tripod
Date: Tue Jun 2 17:56:36 2015
New Revision: 1683152
URL: http://svn.apache.org/r1683152
Log:
JCRVLT-94 [AccessControlHandling] Unexpected behavior of acHandling 'merge'
Added:
jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b2_merge.zip
jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b3_merge.zip
Modified:
jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/IntegrationTestBase.java
jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/TestACLAndMerge.java
Modified: jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/IntegrationTestBase.java
URL: http://svn.apache.org/viewvc/jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/IntegrationTestBase.java?rev=1683152&r1=1683151&r2=1683152&view=diff
==============================================================================
--- jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/IntegrationTestBase.java (original)
+++ jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/IntegrationTestBase.java Tue Jun 2 17:56:36 2015
@@ -260,7 +260,7 @@ public class IntegrationTestBase {
restrictions.put("rep:glob", new String[]{globRest});
}
if (hasPermission(path, allow, privs, name, restrictions) >= 0) {
- fail("Expected permission should not exist on path " + path);
+ fail("Expected permission should not exist on path " + path + ". permissions: " + dumpPermissions(path));
}
}
@@ -271,10 +271,45 @@ public class IntegrationTestBase {
restrictions.put("rep:glob", new String[]{globRest});
}
if (hasPermission(path, allow, privs, name, restrictions) < 0) {
- fail("Expected permission missing on path " + path);
+ fail("Expected permission missing on path " + path + ". permissions: " + dumpPermissions(path));
}
}
+ public String dumpPermissions(String path) throws RepositoryException {
+ StringBuilder ret = new StringBuilder();
+ AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(path);
+ for (AccessControlPolicy p: ap) {
+ if (p instanceof JackrabbitAccessControlList) {
+ JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
+ for (AccessControlEntry ac: acl.getAccessControlEntries()) {
+ if (ac instanceof JackrabbitAccessControlEntry) {
+ JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) ac;
+ ret.append(ace.isAllow() ? "\n- allow " : "deny ");
+ ret.append(ace.getPrincipal().getName());
+ char delim = '[';
+ for (Privilege priv: ace.getPrivileges()) {
+ ret.append(delim).append(priv.getName());
+ delim=',';
+ }
+ ret.append(']');
+ for (String restName: ace.getRestrictionNames()) {
+ Value[] values;
+ if ("rep:glob".equals(restName)) {
+ values = new Value[]{ace.getRestriction(restName)};
+ } else {
+ values = ace.getRestrictions(restName);
+ }
+ for (Value value : values) {
+ ret.append(" rest=").append(value.getString());
+ }
+ }
+ }
+ }
+ }
+ }
+ return ret.toString();
+ }
+
public int hasPermission(String path, boolean allow, String[] privs, String name, Map<String, String[]> restrictions)
throws RepositoryException {
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(path);
Modified: jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/TestACLAndMerge.java
URL: http://svn.apache.org/viewvc/jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/TestACLAndMerge.java?rev=1683152&r1=1683151&r2=1683152&view=diff
==============================================================================
--- jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/TestACLAndMerge.java (original)
+++ jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/integration/TestACLAndMerge.java Tue Jun 2 17:56:36 2015
@@ -43,6 +43,7 @@ import org.apache.jackrabbit.vault.fs.io
import org.apache.jackrabbit.vault.packaging.JcrPackage;
import org.apache.jackrabbit.vault.packaging.PackageException;
import org.junit.Assume;
+import org.junit.Ignore;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
@@ -140,6 +141,33 @@ public class TestACLAndMerge extends Int
}
/**
+ * Installs 2 packages with the same ACE. the later packages has AC Handling MERGE and should overwrite the
+ * existing ACL.
+ */
+ @Test
+ @Ignore("JCRVLT-94")
+ public void testACMerge4() throws RepositoryException, IOException, PackageException {
+ assertNodeMissing("/testroot");
+
+ JcrPackage pack = packMgr.upload(getStream("testpackages/mode_ac_test_b2_merge.zip"), false);
+ assertNotNull(pack);
+ pack.install(getDefaultOptions());
+
+ // test if nodes and ACLs of first package exist
+ assertNodeExists("/testroot/node_a");
+ assertPermission("/testroot/secured", true, new String[]{"jcr:read", "jcr:write"}, "everyone", null);
+
+ pack = packMgr.upload(getStream("testpackages/mode_ac_test_b3_merge.zip"), false);
+ assertNotNull(pack);
+ pack.install(getDefaultOptions());
+
+ // test if nodes and ACLs of 2nd package exist
+ assertNodeExists("/testroot/node_a");
+ assertNodeExists("/testroot/node_b");
+ assertPermission("/testroot/secured", true, new String[]{"jcr:read", "jcr:versionManagement"}, "everyone", null);
+ }
+
+ /**
* Installs 2 packages with ACL for different principals. the first package has an ace for 'everyone' the 2nd for
* 'testuser'. the later package should not corrupt the existing acl (unlike overwrite).
*/
Added: jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b2_merge.zip
URL: http://svn.apache.org/viewvc/jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b2_merge.zip?rev=1683152&view=auto
==============================================================================
Binary files jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b2_merge.zip (added) and jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b2_merge.zip Tue Jun 2 17:56:36 2015 differ
Added: jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b3_merge.zip
URL: http://svn.apache.org/viewvc/jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b3_merge.zip?rev=1683152&view=auto
==============================================================================
Binary files jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b3_merge.zip (added) and jackrabbit/commons/filevault/trunk/vault-core/src/test/resources/org/apache/jackrabbit/vault/packaging/integration/testpackages/mode_ac_test_b3_merge.zip Tue Jun 2 17:56:36 2015 differ