You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by tr...@apache.org on 2009/09/02 23:30:16 UTC
svn commit: r810703 - in
/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit:
api/security/principal/ core/security/ core/security/authorization/
core/security/authorization/acl/ core/security/authorization/combined/
core/security/aut...
Author: tripod
Date: Wed Sep 2 21:30:15 2009
New Revision: 810703
URL: http://svn.apache.org/viewvc?rev=810703&view=rev
Log:
USe java 1.5 and generics where possible
Modified:
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EvaluationUtil.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/LockTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/NodeTypeTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/VersionTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EvaluationUtil.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/LockTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/NodeTypeTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/VersionTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/PrincipalManagerTest.java Wed Sep 2 21:30:15 2009
@@ -50,8 +50,8 @@
private static Principal[] getPrincipals(Session session) {
// TODO: get rid of SessionImpl dependency
- Set princ = ((SessionImpl) session).getSubject().getPrincipals();
- return (Principal[]) princ.toArray(new Principal[princ.size()]);
+ Set<Principal> princ = ((SessionImpl) session).getSubject().getPrincipals();
+ return princ.toArray(new Principal[princ.size()]);
}
private static boolean isGroup(Principal p) {
@@ -66,9 +66,9 @@
public void testSuperUserIsEveryOne() {
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- if (!(pcpls[i].equals(everyone))) {
- assertTrue(everyone.isMember(pcpls[i]));
+ for (Principal pcpl : pcpls) {
+ if (!(pcpl.equals(everyone))) {
+ assertTrue(everyone.isMember(pcpl));
}
}
}
@@ -77,9 +77,9 @@
Session s = getHelper().getReadOnlySession();
try {
Principal[] pcpls = getPrincipals(s);
- for (int i = 0; i < pcpls.length; i++) {
- if (!(pcpls[i].equals(everyone))) {
- assertTrue(everyone.isMember(pcpls[i]));
+ for (Principal pcpl : pcpls) {
+ if (!(pcpl.equals(everyone))) {
+ assertTrue(everyone.isMember(pcpl));
}
}
} finally {
@@ -91,31 +91,31 @@
assertTrue(principalMgr.hasPrincipal(everyone.getName()));
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- assertTrue(principalMgr.hasPrincipal(pcpls[i].getName()));
+ for (Principal pcpl : pcpls) {
+ assertTrue(principalMgr.hasPrincipal(pcpl.getName()));
}
}
- public void testGetPrincipal() throws NoSuchPrincipalException {
+ public void testGetPrincipal() {
Principal p = principalMgr.getPrincipal(everyone.getName());
assertEquals(everyone, p);
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- Principal pp = principalMgr.getPrincipal(pcpls[i].getName());
- assertEquals("PrincipalManager.getPrincipal returned Principal with different Name", pcpls[i].getName(), pp.getName());
+ for (Principal pcpl : pcpls) {
+ Principal pp = principalMgr.getPrincipal(pcpl.getName());
+ assertEquals("PrincipalManager.getPrincipal returned Principal with different Name", pcpl.getName(), pp.getName());
}
}
- public void testGetPrincipalGetName() throws NoSuchPrincipalException {
+ public void testGetPrincipalGetName() {
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- Principal pp = principalMgr.getPrincipal(pcpls[i].getName());
- assertEquals("PrincipalManager.getPrincipal returned Principal with different Name", pcpls[i].getName(), pp.getName());
+ for (Principal pcpl : pcpls) {
+ Principal pp = principalMgr.getPrincipal(pcpl.getName());
+ assertEquals("PrincipalManager.getPrincipal returned Principal with different Name", pcpl.getName(), pp.getName());
}
}
- public void testGetPrincipals() throws NoSuchPrincipalException {
+ public void testGetPrincipals() {
PrincipalIterator it = principalMgr.getPrincipals(PrincipalManager.SEARCH_TYPE_NOT_GROUP);
while (it.hasNext()) {
Principal p = it.nextPrincipal();
@@ -123,7 +123,7 @@
}
}
- public void testGetGroupPrincipals() throws NoSuchPrincipalException {
+ public void testGetGroupPrincipals() {
PrincipalIterator it = principalMgr.getPrincipals(PrincipalManager.SEARCH_TYPE_GROUP);
while (it.hasNext()) {
Principal p = it.nextPrincipal();
@@ -131,7 +131,7 @@
}
}
- public void testGetAllPrincipals() throws NoSuchPrincipalException {
+ public void testGetAllPrincipals() {
PrincipalIterator it = principalMgr.getPrincipals(PrincipalManager.SEARCH_TYPE_ALL);
while (it.hasNext()) {
Principal p = it.nextPrincipal();
@@ -154,7 +154,7 @@
}
}
- public void testGroupMembership() throws NoSuchPrincipalException {
+ public void testGroupMembership() {
testMembership(PrincipalManager.SEARCH_TYPE_NOT_GROUP);
testMembership(PrincipalManager.SEARCH_TYPE_GROUP);
testMembership(PrincipalManager.SEARCH_TYPE_ALL);
@@ -217,54 +217,54 @@
public void testFindPrincipal() {
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- if (pcpls[i].equals(everyone)) {
+ for (Principal pcpl : pcpls) {
+ if (pcpl.equals(everyone)) {
continue;
}
- Iterator it = principalMgr.findPrincipals(pcpls[i].getName());
+ Iterator it = principalMgr.findPrincipals(pcpl.getName());
// search must find at least a single principal
- assertTrue("findPrincipals does not find principal with filter "+pcpls[i].getName(), it.hasNext());
+ assertTrue("findPrincipals does not find principal with filter " + pcpl.getName(), it.hasNext());
}
}
public void testFindPrincipalByType() {
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- if (pcpls[i].equals(everyone)) {
+ for (Principal pcpl : pcpls) {
+ if (pcpl.equals(everyone)) {
// special case covered by another test
continue;
}
- if (isGroup(pcpls[i])) {
- Iterator it = principalMgr.findPrincipals(pcpls[i].getName(),
+ if (isGroup(pcpl)) {
+ Iterator it = principalMgr.findPrincipals(pcpl.getName(),
PrincipalManager.SEARCH_TYPE_GROUP);
// search must find at least a single matching group principal
- assertTrue("findPrincipals does not find principal with filter "+pcpls[i].getName(), it.hasNext());
+ assertTrue("findPrincipals does not find principal with filter " + pcpl.getName(), it.hasNext());
} else {
- Iterator it = principalMgr.findPrincipals(pcpls[i].getName(),
+ Iterator it = principalMgr.findPrincipals(pcpl.getName(),
PrincipalManager.SEARCH_TYPE_NOT_GROUP);
// search must find at least a single matching non-group principal
- assertTrue("findPrincipals does not find principal with filter "+pcpls[i].getName(), it.hasNext());
+ assertTrue("findPrincipals does not find principal with filter " + pcpl.getName(), it.hasNext());
}
}
}
public void testFindPrincipalByTypeAll() {
Principal[] pcpls = getPrincipals(superuser);
- for (int i = 0; i < pcpls.length; i++) {
- if (pcpls[i].equals(everyone)) {
+ for (Principal pcpl : pcpls) {
+ if (pcpl.equals(everyone)) {
// special case covered by another test
continue;
}
- PrincipalIterator it = principalMgr.findPrincipals(pcpls[i].getName(), PrincipalManager.SEARCH_TYPE_ALL);
- PrincipalIterator it2 = principalMgr.findPrincipals(pcpls[i].getName());
+ PrincipalIterator it = principalMgr.findPrincipals(pcpl.getName(), PrincipalManager.SEARCH_TYPE_ALL);
+ PrincipalIterator it2 = principalMgr.findPrincipals(pcpl.getName());
// both search must reveal the same result and size
assertTrue(it.getSize() == it2.getSize());
- Set s1 = new HashSet();
- Set s2 = new HashSet();
+ Set<Principal> s1 = new HashSet<Principal>();
+ Set<Principal> s2 = new HashSet<Principal>();
while (it.hasNext() && it2.hasNext()) {
s1.add(it.nextPrincipal());
s2.add(it2.nextPrincipal());
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/AccessManagerTest.java Wed Sep 2 21:30:15 2009
@@ -197,14 +197,14 @@
public void testCanAccessDeniedWorkspace() throws RepositoryException, NotExecutableException {
Session s = getHelper().getReadOnlySession();
try {
- Set allAccessibles = new HashSet(Arrays.asList(superuser.getWorkspace().getAccessibleWorkspaceNames()));
- Set sWorkspaceNames = new HashSet(Arrays.asList(s.getWorkspace().getAccessibleWorkspaceNames()));
+ Set<String> allAccessibles = new HashSet<String>(Arrays.asList(superuser.getWorkspace().getAccessibleWorkspaceNames()));
+ Set<String> sWorkspaceNames = new HashSet<String>(Arrays.asList(s.getWorkspace().getAccessibleWorkspaceNames()));
if (!allAccessibles.removeAll(sWorkspaceNames) || allAccessibles.isEmpty()) {
throw new NotExecutableException("No workspace name found that exists but is not accessible for ReadOnly session.");
}
- String notAccessibleName = allAccessibles.iterator().next().toString();
+ String notAccessibleName = allAccessibles.iterator().next();
assertFalse(getAccessManager(s).canAccess(notAccessibleName));
} finally {
s.logout();
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java Wed Sep 2 21:30:15 2009
@@ -16,6 +16,15 @@
*/
package org.apache.jackrabbit.core.security.authorization;
+import java.security.Principal;
+import java.util.Collections;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.Privilege;
+
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
@@ -25,14 +34,6 @@
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
-import javax.jcr.RepositoryException;
-import javax.jcr.Value;
-import javax.jcr.security.AccessControlEntry;
-import javax.jcr.security.AccessControlException;
-import javax.jcr.security.Privilege;
-import java.security.Principal;
-import java.util.Collections;
-
/**
* <code>AbstractACLTemplateTest</code>...
*/
@@ -171,15 +172,15 @@
public void testAddEntry() throws RepositoryException, NotExecutableException {
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
Privilege[] privs = privilegesFromName(Privilege.JCR_READ);
- assertTrue(pt.addEntry(testPrincipal, privs, true, Collections.EMPTY_MAP));
+ assertTrue(pt.addEntry(testPrincipal, privs, true, Collections.<String, Value>emptyMap()));
}
public void testAddEntryTwice() throws RepositoryException, NotExecutableException {
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
Privilege[] privs = privilegesFromName(Privilege.JCR_READ);
- pt.addEntry(testPrincipal, privs, true, Collections.EMPTY_MAP);
- assertFalse(pt.addEntry(testPrincipal, privs, true, Collections.EMPTY_MAP));
+ pt.addEntry(testPrincipal, privs, true, Collections.<String, Value>emptyMap());
+ assertFalse(pt.addEntry(testPrincipal, privs, true, Collections.<String, Value>emptyMap()));
}
public void testEffect() throws RepositoryException, NotExecutableException {
@@ -196,8 +197,7 @@
int allows = PrivilegeRegistry.NO_PRIVILEGE;
int denies = PrivilegeRegistry.NO_PRIVILEGE;
AccessControlEntry[] entries = pt.getAccessControlEntries();
- for (int i = 0; i < entries.length; i++) {
- AccessControlEntry ace = entries[i];
+ for (AccessControlEntry ace : entries) {
if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
int entryBits = PrivilegeRegistry.getBits(ace.getPrivileges());
if (((JackrabbitAccessControlEntry) ace).isAllow()) {
@@ -213,17 +213,16 @@
public void testEffect2() throws RepositoryException, NotExecutableException {
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
- pt.addEntry(testPrincipal, privilegesFromName(Privilege.JCR_READ), true, Collections.EMPTY_MAP);
+ pt.addEntry(testPrincipal, privilegesFromName(Privilege.JCR_READ), true, Collections.<String, Value>emptyMap());
// same entry but with revers 'isAllow' flag
- assertTrue(pt.addEntry(testPrincipal, privilegesFromName(Privilege.JCR_READ), false, Collections.EMPTY_MAP));
+ assertTrue(pt.addEntry(testPrincipal, privilegesFromName(Privilege.JCR_READ), false, Collections.<String, Value>emptyMap()));
// test net-effect
int allows = PrivilegeRegistry.NO_PRIVILEGE;
int denies = PrivilegeRegistry.NO_PRIVILEGE;
AccessControlEntry[] entries = pt.getAccessControlEntries();
- for (int i = 0; i < entries.length; i++) {
- AccessControlEntry ace = entries[i];
+ for (AccessControlEntry ace : entries) {
if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
int entryBits = PrivilegeRegistry.getBits(ace.getPrivileges());
if (((JackrabbitAccessControlEntry) ace).isAllow()) {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java Wed Sep 2 21:30:15 2009
@@ -19,7 +19,6 @@
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
-import java.util.Iterator;
import java.util.List;
import javax.jcr.RepositoryException;
@@ -117,7 +116,7 @@
public void testEquals() throws RepositoryException, NotExecutableException {
JackrabbitAccessControlEntry ace = createEntry(new String[] {Privilege.JCR_ALL}, true);
- List equalAces = new ArrayList();
+ List<JackrabbitAccessControlEntry> equalAces = new ArrayList<JackrabbitAccessControlEntry>();
equalAces.add(createEntry(new String[] {Privilege.JCR_ALL}, true));
Privilege[] privs = acMgr.privilegeFromName(Privilege.JCR_ALL).getDeclaredAggregatePrivileges();
@@ -126,14 +125,14 @@
privs = acMgr.privilegeFromName(Privilege.JCR_ALL).getAggregatePrivileges();
equalAces.add(createEntry(testPrincipal, privs, true));
- for (Iterator it = equalAces.iterator(); it.hasNext();) {
- assertEquals(ace, it.next());
+ for (JackrabbitAccessControlEntry equalAce : equalAces) {
+ assertEquals(ace, equalAce);
}
}
public void testNotEquals() throws RepositoryException, NotExecutableException {
JackrabbitAccessControlEntry ace = createEntry(new String[] {Privilege.JCR_ALL}, true);
- List otherAces = new ArrayList();
+ List<JackrabbitAccessControlEntry> otherAces = new ArrayList<JackrabbitAccessControlEntry>();
try {
// ACE template with different principal
@@ -191,8 +190,8 @@
};
otherAces.add(pe);
- for (Iterator it = otherAces.iterator(); it.hasNext();) {
- assertFalse(ace.equals(it.next()));
+ for (JackrabbitAccessControlEntry otherAce : otherAces) {
+ assertFalse(ace.equals(otherAce));
}
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEvaluationTest.java Wed Sep 2 21:30:15 2009
@@ -30,12 +30,12 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.Privilege;
import java.security.Principal;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
@@ -51,7 +51,7 @@
private Session testSession;
private AccessControlManager testAccessControlManager;
private Node trn;
- private Set toClear = new HashSet();
+ private Set<String> toClear = new HashSet<String>();
protected void setUp() throws Exception {
super.setUp();
@@ -74,14 +74,13 @@
}
protected void tearDown() throws Exception {
- for (Iterator it = toClear.iterator(); it.hasNext();) {
- String path = it.next().toString();
+ for (String path : toClear) {
try {
AccessControlPolicy[] policies = acMgr.getPolicies(path);
- for (int i = 0; i < policies.length; i++) {
- acMgr.removePolicy(path, policies[i]);
+ for (AccessControlPolicy policy : policies) {
+ acMgr.removePolicy(path, policy);
}
- superuser.save();
+ superuser.save();
} catch (RepositoryException e) {
// log error and ignore
log.debug(e.getMessage());
@@ -139,13 +138,13 @@
}
protected abstract JackrabbitAccessControlList getPolicy(AccessControlManager acMgr, String path, Principal princ) throws RepositoryException, NotExecutableException;
- protected abstract Map getRestrictions(Session session, String path) throws RepositoryException, NotExecutableException;
+ protected abstract Map<String, Value> getRestrictions(Session session, String path) throws RepositoryException, NotExecutableException;
protected JackrabbitAccessControlList modifyPrivileges(String path, String privilege, boolean isAllow) throws NotExecutableException, RepositoryException {
return modifyPrivileges(path, testUser.getPrincipal(), privilegesFromName(privilege), isAllow, getRestrictions(superuser, path));
}
- private JackrabbitAccessControlList modifyPrivileges(String path, Principal principal, Privilege[] privileges, boolean isAllow, Map restrictions) throws NotExecutableException, RepositoryException {
+ private JackrabbitAccessControlList modifyPrivileges(String path, Principal principal, Privilege[] privileges, boolean isAllow, Map<String, Value> restrictions) throws NotExecutableException, RepositoryException {
JackrabbitAccessControlList tmpl = getPolicy(acMgr, path, principal);
tmpl.addEntry(principal, privileges, isAllow, restrictions);
@@ -158,20 +157,24 @@
}
protected JackrabbitAccessControlList givePrivileges(String nPath, Privilege[] privileges,
- Map restrictions) throws NotExecutableException, RepositoryException {
+ Map<String, Value> restrictions)
+ throws NotExecutableException, RepositoryException {
return modifyPrivileges(nPath, testUser.getPrincipal(), privileges, true, restrictions);
}
protected JackrabbitAccessControlList givePrivileges(String nPath, Principal principal,
- Privilege[] privileges, Map restrictions) throws NotExecutableException, RepositoryException {
+ Privilege[] privileges, Map<String, Value> restrictions)
+ throws NotExecutableException, RepositoryException {
return modifyPrivileges(nPath, principal, privileges, true, restrictions);
}
- protected JackrabbitAccessControlList withdrawPrivileges(String nPath, Privilege[] privileges, Map restrictions) throws NotExecutableException, RepositoryException {
+ protected JackrabbitAccessControlList withdrawPrivileges(String nPath, Privilege[] privileges, Map<String, Value> restrictions)
+ throws NotExecutableException, RepositoryException {
return modifyPrivileges(nPath, testUser.getPrincipal(), privileges, false, restrictions);
}
- protected JackrabbitAccessControlList withdrawPrivileges(String nPath, Principal principal, Privilege[] privileges, Map restrictions) throws NotExecutableException, RepositoryException {
+ protected JackrabbitAccessControlList withdrawPrivileges(String nPath, Principal principal, Privilege[] privileges, Map<String, Value> restrictions)
+ throws NotExecutableException, RepositoryException {
return modifyPrivileges(nPath, principal, privileges, false, restrictions);
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractVersionManagementTest.java Wed Sep 2 21:30:15 2009
@@ -169,9 +169,9 @@
} finally {
// revert privilege modification (manually remove the ACE added)
AccessControlEntry[] entries = tmpl.getAccessControlEntries();
- for (int i = 0; i < entries.length; i++) {
- if (entries[i].getPrincipal().equals(testUser.getPrincipal())) {
- tmpl.removeAccessControlEntry(entries[i]);
+ for (AccessControlEntry entry1 : entries) {
+ if (entry1.getPrincipal().equals(testUser.getPrincipal())) {
+ tmpl.removeAccessControlEntry(entry1);
}
}
acMgr.setPolicy(tmpl.getPath(), tmpl);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java Wed Sep 2 21:30:15 2009
@@ -336,7 +336,7 @@
Privilege[] dnPrivs = privilegesFromName(Privilege.JCR_READ);
withdrawPrivileges(path, dnPrivs, getRestrictions(superuser, path));
- // testUser registers a eventlistener for 'path
+ // testUser registers a event listener for 'path
ObservationManager obsMgr = testSession.getWorkspace().getObservationManager();
EventResult listener = new EventResult(((JUnitTest) this).log);
try {
@@ -351,9 +351,9 @@
// since the testUser does not have read-permission on the removed
// node, no corresponding event must be generated.
Event[] evts = listener.getEvents(DEFAULT_WAIT_TIMEOUT);
- for (int i = 0; i < evts.length; i++) {
- if (evts[i].getType() == Event.NODE_REMOVED &&
- evts[i].getPath().equals(childNPath)) {
+ for (Event evt : evts) {
+ if (evt.getType() == Event.NODE_REMOVED &&
+ evt.getPath().equals(childNPath)) {
fail("TestUser does not have READ permission below " + path + " -> events below must not show up.");
}
}
@@ -445,7 +445,7 @@
Privilege[] rmChildNodes = privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES);
- // add 'remove_child_nodes' privilge at 'path'
+ // add 'remove_child_nodes' privilege at 'path'
givePrivileges(path, rmChildNodes, getRestrictions(superuser, path));
/*
expected result:
@@ -491,7 +491,7 @@
Privilege[] privs = privilegesFromNames(new String[] {
Privilege.JCR_REMOVE_CHILD_NODES, Privilege.JCR_REMOVE_NODE
});
- // add 'remove_node' and 'remove_child_nodes' privilge at 'path'
+ // add 'remove_node' and 'remove_child_nodes' privilege at 'path'
givePrivileges(path, privs, getRestrictions(superuser, path));
/*
expected result:
@@ -522,9 +522,9 @@
Privilege[] rmChildNodes = privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES);
Privilege[] rmNode = privilegesFromName(Privilege.JCR_REMOVE_NODE);
- // add 'remove_child_nodes' privilge at 'path'...
+ // add 'remove_child_nodes' privilege at 'path'...
givePrivileges(path, rmChildNodes, getRestrictions(superuser, path));
- // ... and add 'remove_node' privilge at 'childNPath'
+ // ... and add 'remove_node' privilege at 'childNPath'
givePrivileges(childNPath, rmNode, getRestrictions(superuser, childNPath));
/*
expected result:
@@ -571,7 +571,7 @@
});
Privilege[] rmNode = privilegesFromName(Privilege.JCR_REMOVE_NODE);
- // add 'remove_child_nodes' and 'remove_node' privilge at 'path'
+ // add 'remove_child_nodes' and 'remove_node' privilege at 'path'
givePrivileges(path, privs, getRestrictions(superuser, path));
// ... but deny 'remove_node' at childNPath
withdrawPrivileges(childNPath, rmNode, getRestrictions(superuser, childNPath));
@@ -610,7 +610,7 @@
*/
assertFalse(testSession.hasPermission(childNPath, javax.jcr.Session.ACTION_REMOVE));
- // additionally add remove_child_nodes priv at 'childNPath'
+ // additionally add remove_child_nodes privilege at 'childNPath'
givePrivileges(childNPath, rmChildNodes, getRestrictions(superuser, childNPath));
/*
expected result:
@@ -781,7 +781,7 @@
*/
checkReadOnly(path);
- /* explicitely withdraw MODIFY_PROPERTIES for the user */
+ /* explicitly withdraw MODIFY_PROPERTIES for the user */
Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
withdrawPrivileges(path, testUser.getPrincipal(), privileges, getRestrictions(superuser, path));
/* give MODIFY_PROPERTIES privilege for a Group the test-user is member of */
@@ -820,7 +820,7 @@
/*
give MODIFY_PROPERTIES privilege for everyone at 'childNPath'
- -> user-privileges still overrule group privs
+ -> user-privileges still overrule group privileges
*/
givePrivileges(childNPath, testGroup.getPrincipal(), privileges, getRestrictions(superuser, path));
assertFalse(testAcMgr.hasPrivileges(childNPath, privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES)));
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java Wed Sep 2 21:30:15 2009
@@ -27,6 +27,7 @@
import javax.jcr.Node;
import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.AccessControlPolicyIterator;
@@ -88,8 +89,8 @@
public void testGetRestrictionType() {
String[] names = templ.getRestrictionNames();
- for (int i = 0; i < names.length; i++) {
- int type = templ.getRestrictionType(names[i]);
+ for (String name : names) {
+ int type = templ.getRestrictionType(name);
assertTrue(type > PropertyType.UNDEFINED);
}
}
@@ -115,14 +116,13 @@
Privilege[] priv = privilegesFromName(Privilege.JCR_ALL);
List entriesBefore = Arrays.asList(templ.getAccessControlEntries());
- if (templ.addEntry(princ, priv, true, Collections.EMPTY_MAP)) {
+ if (templ.addEntry(princ, priv, true, Collections.<String, Value>emptyMap())) {
AccessControlEntry[] entries = templ.getAccessControlEntries();
if (entries.length == 0) {
fail("GrantPrivileges was successful -> at least 1 entry for principal.");
}
int allows = 0;
- for (int i = 0; i < entries.length; i++) {
- AccessControlEntry en = entries[i];
+ for (AccessControlEntry en : entries) {
int bits = PrivilegeRegistry.getBits(en.getPrivileges());
if (en instanceof JackrabbitAccessControlEntry && ((JackrabbitAccessControlEntry) en).isAllow()) {
allows |= bits;
@@ -140,12 +140,11 @@
Privilege[] privs = privilegesFromName(PrivilegeRegistry.REP_WRITE);
int allows = 0;
- templ.addEntry(princ, privs, true, Collections.EMPTY_MAP);
+ templ.addEntry(princ, privs, true, Collections.<String, Value>emptyMap());
AccessControlEntry[] entries = templ.getAccessControlEntries();
assertTrue("GrantPrivileges was successful -> at least 1 entry for principal.", entries.length > 0);
- for (int i = 0; i < entries.length; i++) {
- AccessControlEntry en = entries[i];
+ for (AccessControlEntry en : entries) {
int bits = PrivilegeRegistry.getBits(en.getPrivileges());
if (en instanceof JackrabbitAccessControlEntry && ((JackrabbitAccessControlEntry) en).isAllow()) {
allows |= bits;
@@ -159,14 +158,13 @@
Privilege[] grPriv = privilegesFromName(PrivilegeRegistry.REP_WRITE);
Privilege[] dePriv = privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES);
- templ.addEntry(princ, grPriv, true, Collections.EMPTY_MAP);
- templ.addEntry(princ, dePriv, false, Collections.EMPTY_MAP);
+ templ.addEntry(princ, grPriv, true, Collections.<String, Value>emptyMap());
+ templ.addEntry(princ, dePriv, false, Collections.<String, Value>emptyMap());
int allows = PrivilegeRegistry.NO_PRIVILEGE;
int denies = PrivilegeRegistry.NO_PRIVILEGE;
AccessControlEntry[] entries = templ.getAccessControlEntries();
- for (int i = 0; i < entries.length; i++) {
- AccessControlEntry en = entries[i];
+ for (AccessControlEntry en : entries) {
if (princ.equals(en.getPrincipal()) && en instanceof JackrabbitAccessControlEntry) {
JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) en;
int entryBits = PrivilegeRegistry.getBits(ace.getPrivileges());
@@ -188,12 +186,12 @@
Principal princ = getValidPrincipal();
Privilege[] grPriv = privilegesFromName(PrivilegeRegistry.REP_WRITE);
- templ.addEntry(princ, grPriv, true, Collections.EMPTY_MAP);
+ templ.addEntry(princ, grPriv, true, Collections.<String, Value>emptyMap());
AccessControlEntry[] entries = templ.getAccessControlEntries();
int length = entries.length;
assertTrue("Grant was both successful -> at least 1 entry.", length > 0);
- for (int i = 0; i < entries.length; i++) {
- templ.removeAccessControlEntry(entries[i]);
+ for (AccessControlEntry entry : entries) {
+ templ.removeAccessControlEntry(entry);
length = length - 1;
assertEquals(length, templ.size());
assertEquals(length, templ.getAccessControlEntries().length);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java Wed Sep 2 21:30:15 2009
@@ -85,7 +85,7 @@
public void testRegisteredPrivileges() throws RepositoryException {
Privilege[] ps = privilegeRegistry.getRegisteredPrivileges();
- List l = new ArrayList(Arrays.asList(ps));
+ List<Privilege> l = new ArrayList<Privilege>(Arrays.asList(ps));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_READ)));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_ADD_CHILD_NODES)));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES)));
@@ -110,7 +110,7 @@
assertTrue(p.isAggregate());
assertFalse(p.isAbstract());
- List l = new ArrayList(Arrays.asList(p.getAggregatePrivileges()));
+ List<Privilege> l = new ArrayList<Privilege>(Arrays.asList(p.getAggregatePrivileges()));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_READ)));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_ADD_CHILD_NODES)));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES)));
@@ -125,7 +125,7 @@
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
assertTrue(l.isEmpty());
- l = new ArrayList(Arrays.asList(p.getDeclaredAggregatePrivileges()));
+ l = new ArrayList<Privilege>(Arrays.asList(p.getDeclaredAggregatePrivileges()));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_READ)));
assertTrue(l.remove(privilegeRegistry.getPrivilege(Privilege.JCR_WRITE)));
assertTrue(l.remove(privilegeRegistry.getPrivilege(PrivilegeRegistry.REP_WRITE)));
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java Wed Sep 2 21:30:15 2009
@@ -26,6 +26,7 @@
import org.apache.jackrabbit.test.NotExecutableException;
import javax.jcr.RepositoryException;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.Privilege;
import java.security.Principal;
@@ -51,30 +52,30 @@
public void testMultipleEntryEffect() throws RepositoryException, NotExecutableException {
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
- pt.addEntry(testPrincipal, privileges, true, Collections.EMPTY_MAP);
+ pt.addEntry(testPrincipal, privileges, true, Collections.<String, Value>emptyMap());
- // new entry extends privs.
+ // new entry extends privileges.
privileges = privilegesFromNames(new String[] {
Privilege.JCR_READ,
Privilege.JCR_ADD_CHILD_NODES});
assertTrue(pt.addEntry(testPrincipal,
privileges,
- true, Collections.EMPTY_MAP));
+ true, Collections.<String, Value>emptyMap()));
// net-effect: only a single allow-entry with both privileges
assertTrue(pt.size() == 1);
assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges());
- // adding just ADD_CHILD_NODES -> must not remove READ priv
+ // adding just ADD_CHILD_NODES -> must not remove READ privilege
Privilege[] achPrivs = privilegesFromName(Privilege.JCR_ADD_CHILD_NODES);
- assertFalse(pt.addEntry(testPrincipal, achPrivs, true, Collections.EMPTY_MAP));
- // net-effect: only a single allow-entry with add_child_nodes + read priv
+ assertFalse(pt.addEntry(testPrincipal, achPrivs, true, Collections.<String, Value>emptyMap()));
+ // net-effect: only a single allow-entry with add_child_nodes + read privilege
assertTrue(pt.size() == 1);
assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges());
// revoke the 'READ' privilege
privileges = privilegesFromName(Privilege.JCR_READ);
- assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.EMPTY_MAP));
+ assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.<String, Value>emptyMap()));
// net-effect: 2 entries one allowing ADD_CHILD_NODES, the other denying READ
assertTrue(pt.size() == 2);
assertSamePrivileges(privilegesFromName(Privilege.JCR_ADD_CHILD_NODES),
@@ -105,8 +106,8 @@
// net-effect: 2 entries with the allow entry being adjusted
assertTrue(pt.size() == 2);
AccessControlEntry[] entries = pt.getAccessControlEntries();
- for (int i = 0; i < entries.length; i++) {
- ACLTemplate.Entry entry = (ACLTemplate.Entry) entries[i];
+ for (AccessControlEntry entry1 : entries) {
+ ACLTemplate.Entry entry = (ACLTemplate.Entry) entry1;
int privs = entry.getPrivilegeBits();
if (entry.isAllow()) {
int bits = PrivilegeRegistry.getBits(privileges) ^ PrivilegeRegistry.getBits(privileges2);
@@ -137,7 +138,7 @@
pt.addAccessControlEntry(testPrincipal, privs);
assertFalse(pt.addAccessControlEntry(testPrincipal, privs));
- // add same privs for another principal -> must modify as well.
+ // add same privileges for another principal -> must modify as well.
assertTrue(pt.addAccessControlEntry(everyone, privs));
// .. 2 entries must be present.
assertTrue(pt.getAccessControlEntries().length == 2);
@@ -159,10 +160,10 @@
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
- pt.addEntry(testPrincipal, privileges, true, Collections.EMPTY_MAP);
+ pt.addEntry(testPrincipal, privileges, true, Collections.<String, Value>emptyMap());
// same entry but with revers 'isAllow' flag
- assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.EMPTY_MAP));
+ assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.<String, Value>emptyMap()));
// net-effect: only a single deny-read entry
assertTrue(pt.size() == 1);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EvaluationUtil.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EvaluationUtil.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EvaluationUtil.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EvaluationUtil.java Wed Sep 2 21:30:15 2009
@@ -22,6 +22,7 @@
import javax.jcr.AccessDeniedException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.AccessControlPolicyIterator;
@@ -41,13 +42,14 @@
return true;
}
} catch (RepositoryException e) {
+ // ignore
}
return false;
}
static JackrabbitAccessControlList getPolicy(AccessControlManager acM, String path, Principal principal) throws RepositoryException,
AccessDeniedException, NotExecutableException {
- // try applicable (new) acls first
+ // try applicable (new) ACLs first
AccessControlPolicyIterator itr = acM.getApplicablePolicies(path);
while (itr.hasNext()) {
AccessControlPolicy policy = itr.nextAccessControlPolicy();
@@ -57,8 +59,7 @@
}
// try if there is an acl that has been set before:
AccessControlPolicy[] pcls = acM.getPolicies(path);
- for (int i = 0; i < pcls.length; i++) {
- AccessControlPolicy policy = pcls[i];
+ for (AccessControlPolicy policy : pcls) {
if (policy instanceof ACLTemplate) {
return (ACLTemplate) policy;
}
@@ -67,7 +68,7 @@
throw new NotExecutableException();
}
- static Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
- return Collections.EMPTY_MAP;
+ static Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ return Collections.emptyMap();
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/LockTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/LockTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/LockTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/LockTest.java Wed Sep 2 21:30:15 2009
@@ -22,6 +22,7 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import java.security.Principal;
import java.util.Map;
@@ -37,7 +38,7 @@
RepositoryException, NotExecutableException {
return EvaluationUtil.getPolicy(acMgr, path, princ);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/NodeTypeTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/NodeTypeTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/NodeTypeTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/NodeTypeTest.java Wed Sep 2 21:30:15 2009
@@ -22,6 +22,7 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import java.security.Principal;
import java.util.Map;
@@ -37,7 +38,7 @@
RepositoryException, NotExecutableException {
return EvaluationUtil.getPolicy(acMgr, path, princ);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/VersionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/VersionTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/VersionTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/VersionTest.java Wed Sep 2 21:30:15 2009
@@ -22,6 +22,7 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import java.security.Principal;
import java.util.Map;
@@ -37,7 +38,7 @@
RepositoryException, NotExecutableException {
return EvaluationUtil.getPolicy(acMgr, path, princ);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/WriteTest.java Wed Sep 2 21:30:15 2009
@@ -27,6 +27,7 @@
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.AccessControlPolicyIterator;
@@ -48,8 +49,8 @@
return EvaluationUtil.getPolicy(acM, path, principal);
}
- protected Map getRestrictions(Session s, String path) {
- return Collections.EMPTY_MAP;
+ protected Map<String, Value> getRestrictions(Session s, String path) {
+ return Collections.emptyMap();
}
public void testAccessControlModification2() throws RepositoryException, NotExecutableException {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/combined/WriteTest.java Wed Sep 2 21:30:15 2009
@@ -29,6 +29,7 @@
import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.Privilege;
@@ -58,10 +59,9 @@
private JackrabbitAccessControlList getPrincipalBasedPolicy(AccessControlManager acM, String path, Principal principal) throws RepositoryException, AccessDeniedException, NotExecutableException {
if (acM instanceof JackrabbitAccessControlManager) {
AccessControlPolicy[] tmpls = ((JackrabbitAccessControlManager) acM).getApplicablePolicies(principal);
- for (int i = 0; i < tmpls.length; i++) {
- if (tmpls[i] instanceof JackrabbitAccessControlList) {
- JackrabbitAccessControlList acl = (JackrabbitAccessControlList) tmpls[i];
- return acl;
+ for (AccessControlPolicy tmpl : tmpls) {
+ if (tmpl instanceof JackrabbitAccessControlList) {
+ return (JackrabbitAccessControlList) tmpl;
}
}
}
@@ -71,7 +71,7 @@
private JackrabbitAccessControlList givePrivileges(String nPath,
Principal principal,
Privilege[] privileges,
- Map restrictions,
+ Map<String, Value> restrictions,
boolean nodeBased) throws NotExecutableException, RepositoryException {
if (nodeBased) {
return givePrivileges(nPath, principal, privileges, getRestrictions(superuser, nPath));
@@ -87,7 +87,7 @@
private JackrabbitAccessControlList withdrawPrivileges(String nPath,
Principal principal,
Privilege[] privileges,
- Map restrictions,
+ Map<String, Value> restrictions,
boolean nodeBased) throws NotExecutableException, RepositoryException {
if (nodeBased) {
return withdrawPrivileges(nPath, principal, privileges, getRestrictions(superuser, nPath));
@@ -100,9 +100,9 @@
}
}
- private Map getPrincipalBasedRestrictions(String path) throws RepositoryException, NotExecutableException {
+ private Map<String, Value> getPrincipalBasedRestrictions(String path) throws RepositoryException, NotExecutableException {
if (superuser instanceof SessionImpl) {
- Map restr = new HashMap();
+ Map<String, Value> restr = new HashMap<String, Value>();
restr.put("rep:nodePath", superuser.getValueFactory().createValue(path, PropertyType.PATH));
return restr;
} else {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java Wed Sep 2 21:30:15 2009
@@ -33,7 +33,6 @@
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
@@ -42,7 +41,7 @@
*/
public class EntryTest extends AbstractEntryTest {
- private Map restrictions;
+ private Map<String, Value> restrictions;
private ACLTemplate acl;
private String nodePath;
@@ -59,7 +58,7 @@
throw new NotExecutableException();
}
- restrictions = new HashMap(2);
+ restrictions = new HashMap<String, Value>(2);
restrictions.put(nodePath, superuser.getValueFactory().createValue("/a/b/c/d", PropertyType.PATH));
restrictions.put(glob, superuser.getValueFactory().createValue("*"));
acl = new ACLTemplate(testPrincipal, testPath, (SessionImpl) superuser, superuser.getValueFactory());
@@ -70,7 +69,7 @@
return (JackrabbitAccessControlEntry) acl.createEntry(principal, privileges, isAllow, restrictions);
}
- private JackrabbitAccessControlEntry createEntry(Principal principal, Privilege[] privileges, boolean isAllow, Map restrictions)
+ private JackrabbitAccessControlEntry createEntry(Principal principal, Privilege[] privileges, boolean isAllow, Map<String, Value> restrictions)
throws RepositoryException {
return (JackrabbitAccessControlEntry) acl.createEntry(principal, privileges, isAllow, restrictions);
}
@@ -78,7 +77,7 @@
public void testNodePathMustNotBeNull() throws RepositoryException, NotExecutableException {
try {
Privilege[] privs = privilegesFromName(Privilege.JCR_ALL);
- createEntry(testPrincipal, privs, true, Collections.EMPTY_MAP);
+ createEntry(testPrincipal, privs, true, Collections.<String, Value>emptyMap());
fail("NodePath cannot not be null");
} catch (AccessControlException e) {
// success
@@ -101,19 +100,19 @@
assertEquals(restrictions.get(glob), pe.getRestriction(glob));
assertEquals(PropertyType.STRING, pe.getRestriction(glob).getType());
- Map restr = new HashMap();
+ Map<String, Value> restr = new HashMap<String, Value>();
restr.put(nodePath, restrictions.get(nodePath));
pe = createEntry(testPrincipal, privs, true, restr);
assertNull(pe.getRestriction(glob));
- restr = new HashMap();
+ restr = new HashMap<String, Value>();
restr.put(nodePath, restrictions.get(nodePath));
restr.put(glob, new StringValue(""));
pe = createEntry(testPrincipal, privs, true, restr);
assertEquals("", pe.getRestriction(glob).getString());
- restr = new HashMap();
+ restr = new HashMap<String, Value>();
restr.put(nodePath, restrictions.get(nodePath));
restr.put(glob, new BooleanValue(true));
assertEquals(PropertyType.STRING, pe.getRestriction(glob).getType());
@@ -124,14 +123,14 @@
// match the required ones.
Privilege[] privs = privilegesFromName(Privilege.JCR_ALL);
- Map restr = new HashMap();
+ Map<String, Value> restr = new HashMap<String, Value>();
restr.put(nodePath, new StringValue("/a/b/c/d"));
JackrabbitAccessControlEntry pe = createEntry(testPrincipal, privs, true, restr);
assertEquals("/a/b/c/d", pe.getRestriction(nodePath).getString());
assertEquals(PropertyType.PATH, pe.getRestriction(nodePath).getType());
- restr = new HashMap();
+ restr = new HashMap<String, Value>();
restr.put(nodePath, restrictions.get(nodePath));
restr.put(glob, new BooleanValue(true));
pe = createEntry(testPrincipal, privs, true, restr);
@@ -144,25 +143,22 @@
Privilege[] privs = new Privilege[] {acMgr.privilegeFromName(Privilege.JCR_ALL)};
ACLTemplate.Entry ace = (ACLTemplate.Entry) createEntry(testPrincipal, privs, true);
- String nPath = ((Value) restrictions.get(nodePath)).getString();
- List toMatch = new ArrayList();
+ String nPath = restrictions.get(nodePath).getString();
+ List<String> toMatch = new ArrayList<String>();
toMatch.add(nPath + "/any");
toMatch.add(nPath + "/anyother");
toMatch.add(nPath + "/f/g/h");
toMatch.add(nPath);
- for (Iterator it = toMatch.iterator(); it.hasNext();) {
- String str = it.next().toString();
+ for (String str : toMatch) {
assertTrue("Restrictions should match " + str, ace.matches(str));
}
- List notToMatch = new ArrayList();
+ List<String> notToMatch = new ArrayList<String>();
notToMatch.add(null);
notToMatch.add("");
notToMatch.add("/");
notToMatch.add("/a/b/c/");
- for (Iterator it = notToMatch.iterator(); it.hasNext();) {
- Object obj = it.next();
- String str = (obj == null) ? null : obj.toString();
+ for (String str : notToMatch) {
assertFalse("Restrictions shouldn't match " + str, ace.matches(str));
}
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EvaluationUtil.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EvaluationUtil.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EvaluationUtil.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EvaluationUtil.java Wed Sep 2 21:30:15 2009
@@ -25,11 +25,11 @@
import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import java.security.Principal;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.Map;
/**
@@ -39,18 +39,17 @@
static boolean isExecutable(SessionImpl s, AccessControlManager acMgr) {
if (acMgr instanceof JackrabbitAccessControlManager) {
- for (Iterator it = s.getSubject().getPrincipals().iterator(); it.hasNext();) {
- Principal princ = (Principal) it.next();
+ for (Principal princ : s.getSubject().getPrincipals()) {
try {
AccessControlPolicy[] policies = ((JackrabbitAccessControlManager) acMgr).getApplicablePolicies(princ);
- for (int i = 0; i < policies.length; i++) {
- if (policies[i] instanceof ACLTemplate) {
+ for (AccessControlPolicy policy : policies) {
+ if (policy instanceof ACLTemplate) {
return true;
}
}
policies = ((JackrabbitAccessControlManager) acMgr).getPolicies(princ);
- for (int i = 0; i < policies.length; i++) {
- if (policies[i] instanceof ACLTemplate) {
+ for (AccessControlPolicy policy : policies) {
+ if (policy instanceof ACLTemplate) {
return true;
}
}
@@ -62,33 +61,33 @@
return false;
}
- static JackrabbitAccessControlList getPolicy(AccessControlManager acM, String path, Principal principal) throws RepositoryException,
- AccessDeniedException, NotExecutableException {
+ static JackrabbitAccessControlList getPolicy(AccessControlManager acM,
+ String path,
+ Principal principal)
+ throws RepositoryException, AccessDeniedException, NotExecutableException {
if (acM instanceof JackrabbitAccessControlManager) {
// first try applicable policies
AccessControlPolicy[] policies = ((JackrabbitAccessControlManager) acM).getApplicablePolicies(principal);
- for (int i = 0; i < policies.length; i++) {
- if (policies[i] instanceof ACLTemplate) {
- ACLTemplate acl = (ACLTemplate) policies[i];
- return acl;
+ for (AccessControlPolicy policy : policies) {
+ if (policy instanceof ACLTemplate) {
+ return (ACLTemplate) policy;
}
}
// second existing policies
policies = ((JackrabbitAccessControlManager) acM).getPolicies(principal);
- for (int i = 0; i < policies.length; i++) {
- if (policies[i] instanceof ACLTemplate) {
- ACLTemplate acl = (ACLTemplate) policies[i];
- return acl;
+ for (AccessControlPolicy policy : policies) {
+ if (policy instanceof ACLTemplate) {
+ return (ACLTemplate) policy;
}
}
}
throw new NotExecutableException();
}
- static Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ static Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
if (s instanceof SessionImpl) {
- Map restr = new HashMap();
+ Map<String, Value> restr = new HashMap<String, Value>();
restr.put(((SessionImpl) s).getJCRName(ACLTemplate.P_NODE_PATH), s.getValueFactory().createValue(path, PropertyType.PATH));
return restr;
} else {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/LockTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/LockTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/LockTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/LockTest.java Wed Sep 2 21:30:15 2009
@@ -23,6 +23,7 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import java.security.Principal;
import java.util.Map;
@@ -40,7 +41,7 @@
RepositoryException, NotExecutableException {
return EvaluationUtil.getPolicy(acMgr, path, princ);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/NodeTypeTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/NodeTypeTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/NodeTypeTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/NodeTypeTest.java Wed Sep 2 21:30:15 2009
@@ -23,6 +23,7 @@
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import java.security.Principal;
import java.util.Map;
@@ -40,7 +41,7 @@
RepositoryException, NotExecutableException {
return EvaluationUtil.getPolicy(acMgr, path, princ);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/VersionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/VersionTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/VersionTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/VersionTest.java Wed Sep 2 21:30:15 2009
@@ -29,6 +29,7 @@
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
import java.security.Principal;
@@ -51,7 +52,7 @@
RepositoryException, NotExecutableException {
return EvaluationUtil.getPolicy(acMgr, path, princ);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java?rev=810703&r1=810702&r2=810703&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/WriteTest.java Wed Sep 2 21:30:15 2009
@@ -28,13 +28,12 @@
import org.apache.jackrabbit.core.security.TestPrincipal;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.util.Text;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import javax.jcr.AccessDeniedException;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
import java.security.Principal;
@@ -45,8 +44,6 @@
*/
public class WriteTest extends AbstractWriteTest {
- private static Logger log = LoggerFactory.getLogger(WriteTest.class);
-
protected boolean isExecutable() {
return EvaluationUtil.isExecutable((SessionImpl) superuser, acMgr);
}
@@ -55,7 +52,7 @@
return EvaluationUtil.getPolicy(acM, path, principal);
}
- protected Map getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
+ protected Map<String, Value> getRestrictions(Session s, String path) throws RepositoryException, NotExecutableException {
return EvaluationUtil.getRestrictions(s, path);
}
@@ -63,8 +60,8 @@
public void testAutocreatedProperties() throws RepositoryException, NotExecutableException {
givePrivileges(path, testUser.getPrincipal(), privilegesFromName(PrivilegeRegistry.REP_WRITE), getRestrictions(superuser, path));
- // testuser is not allowed to READ the protected property jcr:created.
- Map restr = getRestrictions(superuser, path);
+ // test user is not allowed to READ the protected property jcr:created.
+ Map<String, Value> restr = getRestrictions(superuser, path);
restr.put(((SessionImpl) superuser).getJCRName(ACLTemplate.P_GLOB), superuser.getValueFactory().createValue("/afolder/jcr:created"));
withdrawPrivileges(path, testUser.getPrincipal(), privilegesFromName(Privilege.JCR_READ), restr);