You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2020/09/25 13:53:57 UTC
svn commit: r1882018 - in /jackrabbit/oak/trunk/oak-core: ./
src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/
Author: angela
Date: Fri Sep 25 13:53:57 2020
New Revision: 1882018
URL: http://svn.apache.org/viewvc?rev=1882018&view=rev
Log:
OAK-9237 : Improve tests in o.a.j.oak.security.authorization.accesscontrol
Modified:
jackrabbit/oak/trunk/oak-core/pom.xml
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AbstractAccessControlTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporterBaseTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerLimitedPermissionsTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsAbortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBaseTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsIgnoreTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/EntryTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/NodeACLTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PolicyOwnerImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PrincipalACLTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedPrivilegeNamesTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedRestrictionNamesTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/TestUtility.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/UtilTest.java
Modified: jackrabbit/oak/trunk/oak-core/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/pom.xml?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-core/pom.xml Fri Sep 25 13:53:57 2020
@@ -191,7 +191,7 @@
<limit>
<counter>BRANCH</counter>
<value>COVEREDRATIO</value>
- <minimum>0.98</minimum>
+ <minimum>0.99</minimum>
</limit>
</limits>
</rule>
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AbstractAccessControlTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AbstractAccessControlTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AbstractAccessControlTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AbstractAccessControlTest.java Fri Sep 25 13:53:57 2020
@@ -51,7 +51,7 @@ public abstract class AbstractAccessCont
static final String TEST_PATH = "/testPath";
- PrivilegeManager privilegeManager;
+ private PrivilegeManager privilegeManager;
PrincipalManager principalManager;
ACL acl;
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporterBaseTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporterBaseTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporterBaseTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporterBaseTest.java Fri Sep 25 13:53:57 2020
@@ -16,20 +16,6 @@
*/
package org.apache.jackrabbit.oak.security.authorization.accesscontrol;
-import java.util.ArrayList;
-import java.util.List;
-import javax.jcr.ImportUUIDBehavior;
-import javax.jcr.PropertyType;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.Value;
-import javax.jcr.ValueFormatException;
-import javax.jcr.nodetype.ConstraintViolationException;
-import javax.jcr.security.AccessControlException;
-import javax.jcr.security.AccessControlList;
-import javax.jcr.security.AccessControlManager;
-import javax.jcr.security.AccessControlPolicy;
-
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
@@ -38,11 +24,10 @@ import org.apache.jackrabbit.api.Jackrab
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
-import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.commons.PathUtils;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
@@ -56,18 +41,30 @@ import org.apache.jackrabbit.oak.spi.xml
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import org.apache.jackrabbit.oak.spi.xml.ReferenceChangeTracker;
import org.apache.jackrabbit.oak.spi.xml.TextValue;
-import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
import org.jetbrains.annotations.NotNull;
import org.junit.Test;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.stubbing.Answer;
+import javax.jcr.ImportUUIDBehavior;
+import javax.jcr.PropertyType;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.Value;
+import javax.jcr.ValueFormatException;
+import javax.jcr.nodetype.ConstraintViolationException;
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.AccessControlList;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.AccessControlPolicy;
+import java.util.ArrayList;
+import java.util.List;
+
import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
import static org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants.NT_OAK_UNSTRUCTURED;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
-import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
@@ -77,11 +74,11 @@ import static org.mockito.Mockito.withSe
public abstract class AccessControlImporterBaseTest extends AbstractSecurityTest implements AccessControlConstants {
final NodeInfo aceGrantInfo = new NodeInfo("grantAceName", NT_REP_GRANT_ACE, ImmutableList.of(), null);
- final NodeInfo aceDenyInfo = new NodeInfo("denyAceName", NT_REP_DENY_ACE, ImmutableList.of(), null);
- final NodeInfo restrInfo = new NodeInfo("anyRestrName", NT_REP_RESTRICTIONS, ImmutableList.of(), null);
+ private final NodeInfo aceDenyInfo = new NodeInfo("denyAceName", NT_REP_DENY_ACE, ImmutableList.of(), null);
+ private final NodeInfo restrInfo = new NodeInfo("anyRestrName", NT_REP_RESTRICTIONS, ImmutableList.of(), null);
final PropInfo unknownPrincipalInfo = new PropInfo(REP_PRINCIPAL_NAME, PropertyType.STRING, createTextValue("unknownPrincipal"));
- Tree accessControlledTree;
+ private Tree accessControlledTree;
Tree aclTree;
AccessControlImporter importer;
@@ -216,12 +213,8 @@ public abstract class AccessControlImpor
@Test
public void testInitCausesRepositoryException() {
- JackrabbitSession s = mock(JackrabbitSession.class, withSettings().defaultAnswer(new Answer() {
-
- @Override
- public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
- throw new RepositoryException();
- }
+ JackrabbitSession s = mock(JackrabbitSession.class, withSettings().defaultAnswer(invocationOnMock -> {
+ throw new RepositoryException();
}));
// session methods are only invoked for session-imports
assertEquals(isWorkspaceImport(), importer.init(s, root, getNamePathMapper(), isWorkspaceImport(), ImportUUIDBehavior.IMPORT_UUID_COLLISION_REPLACE_EXISTING, new ReferenceChangeTracker(), getSecurityProvider()));
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java Fri Sep 25 13:53:57 2020
@@ -95,6 +95,7 @@ import static com.google.common.base.Pre
import static com.google.common.collect.Sets.newHashSet;
import static java.util.Collections.singletonMap;
import static org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants.NT_OAK_UNSTRUCTURED;
+import static org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants.JCR_LOCK_MANAGEMENT;
import static org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants.JCR_READ;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
@@ -247,10 +248,10 @@ public class AccessControlManagerImplTes
}
@NotNull
- private Map<String, Value[]> getMvRestriction(@NotNull String name, int type, @NotNull String... values) throws ValueFormatException {
+ private Map<String, Value[]> getMvRestriction(@NotNull String name, @NotNull String... values) throws ValueFormatException {
List<Value> list = new ArrayList<>();
for (String v : values) {
- list.add(valueFactory.createValue(v, type));
+ list.add(valueFactory.createValue(v, PropertyType.NAME));
}
return ImmutableMap.of(name, list.toArray(new Value[0]));
}
@@ -925,7 +926,7 @@ public class AccessControlManagerImplTes
ACL policy = setupPolicy(testPath, testPrivileges);
assertEquals(1, policy.size());
- Tree policyTree = root.getTree(policy.getPath()).getChild(REP_POLICY);
+ Tree policyTree = root.getTree(testPath).getChild(REP_POLICY);
TreeUtil.addChild(policyTree, "child", NT_OAK_UNSTRUCTURED);
AccessControlPolicy[] policies = acMgr.getPolicies(testPath);
@@ -933,6 +934,21 @@ public class AccessControlManagerImplTes
assertEquals(1, ((ACL) policies[0]).size());
}
+ @Test
+ public void testGetPoliciesWithInvalidatedPrivileges() throws Exception {
+ ACL policy = setupPolicy(testPath, privilegesFromNames(JCR_LOCK_MANAGEMENT));
+ assertEquals(1, policy.size());
+
+ Tree privTree = root.getTree(PrivilegeConstants.PRIVILEGES_PATH).getChild(JCR_LOCK_MANAGEMENT);
+ privTree.remove();
+
+ AccessControlPolicy[] policies = acMgr.getPolicies(testPath);
+ assertPolicies(policies, 1);
+ ACL acl = (ACL) policies[0];
+ assertEquals(1, acl.size());
+ Privilege[] privs = acl.getAccessControlEntries()[0].getPrivileges();
+ assertArrayEquals(new Privilege[0], privs);
+ }
//---------------------------------------< getEffectivePolicies(String) >---
@Test
@@ -1019,9 +1035,9 @@ public class AccessControlManagerImplTes
@Test
public void testGetEffectivePoliciesMatchingRestriction() throws Exception {
ACL policy = TestUtility.setupPolicy(acMgr, testPath, testPrincipal, privilegesFromNames(JCR_READ), true, null,
- getMvRestriction(REP_ITEM_NAMES, PropertyType.NAME,"child"));
+ getMvRestriction(REP_ITEM_NAMES, "child"));
policy.addEntry(EveryonePrincipal.getInstance(), testPrivileges, false, null,
- getMvRestriction(REP_ITEM_NAMES, PropertyType.NAME,"notMatching"));
+ getMvRestriction(REP_ITEM_NAMES, "notMatching"));
acMgr.setPolicy(policy.getPath(), policy);
Tree child = TreeUtil.addChild(root.getTree(testPath), "child", JcrConstants.NT_UNSTRUCTURED);
@@ -1048,7 +1064,7 @@ public class AccessControlManagerImplTes
@Test
public void testGetEffectivePoliciesMatchingPropertyRestriction() throws Exception {
TestUtility.setupPolicy(acMgr, testPath, testPrincipal, privilegesFromNames(JCR_READ), false, null,
- getMvRestriction(REP_ITEM_NAMES, PropertyType.NAME, JcrConstants.JCR_PRIMARYTYPE));
+ getMvRestriction(REP_ITEM_NAMES, JcrConstants.JCR_PRIMARYTYPE));
Tree child = TreeUtil.addChild(root.getTree(testPath), "child", JcrConstants.NT_UNSTRUCTURED);
Tree grandChild = TreeUtil.addChild(child, "child", JcrConstants.NT_UNSTRUCTURED);
@@ -1062,7 +1078,7 @@ public class AccessControlManagerImplTes
@Test
public void testGetEffectivePoliciesNotMatchingRestriction() throws Exception {
TestUtility.setupPolicy(acMgr, testPath, testPrincipal, privilegesFromNames(JCR_READ), true, null,
- getMvRestriction(REP_NT_NAMES, PropertyType.NAME,NT_OAK_UNSTRUCTURED));
+ getMvRestriction(REP_NT_NAMES, NT_OAK_UNSTRUCTURED));
Tree child = TreeUtil.addChild(root.getTree(testPath), "child", NT_OAK_UNSTRUCTURED);
Tree grandChild = TreeUtil.addChild(child, "grandChild", JcrConstants.NT_UNSTRUCTURED);
@@ -1300,28 +1316,18 @@ public class AccessControlManagerImplTes
}
}
- @Test
+ @Test(expected = PathNotFoundException.class)
public void testSetPolicyPropertyPath() throws Exception {
- try {
- String path = "/jcr:primaryType";
- AccessControlPolicy acl = createPolicy(path);
- acMgr.setPolicy(path, acl);
- fail("Setting access control policy at property path should fail");
- } catch (PathNotFoundException e) {
- // success
- }
+ String path = "/jcr:primaryType";
+ AccessControlPolicy acl = createPolicy(path);
+ acMgr.setPolicy(path, acl);
}
- @Test
+ @Test(expected = PathNotFoundException.class)
public void testSetPolicyNonExistingNodePath() throws Exception {
- try {
- String path = "/non/existing";
- AccessControlPolicy acl = createPolicy(path);
- acMgr.setPolicy(path, acl);
- fail("Setting access control policy for non-existing node path should fail");
- } catch (PathNotFoundException e) {
- // success
- }
+ String path = "/non/existing";
+ AccessControlPolicy acl = createPolicy(path);
+ acMgr.setPolicy(path, acl);
}
@Test
@@ -1470,28 +1476,18 @@ public class AccessControlManagerImplTes
}
}
- @Test
+ @Test(expected = PathNotFoundException.class)
public void testRemovePolicyPropertyPath() throws Exception {
- try {
- String path = "/jcr:primaryType";
- AccessControlPolicy acl = createPolicy(path);
- acMgr.removePolicy(path, acl);
- fail("Removing access control policy at property path should fail");
- } catch (PathNotFoundException e) {
- // success
- }
+ String path = "/jcr:primaryType";
+ AccessControlPolicy acl = createPolicy(path);
+ acMgr.removePolicy(path, acl);
}
- @Test
+ @Test(expected = PathNotFoundException.class)
public void testRemovePolicyNonExistingNodePath() throws Exception {
- try {
- String path = "/non/existing";
- AccessControlPolicy acl = createPolicy(path);
- acMgr.removePolicy(path, acl);
- fail("Removing access control policy for non-existing node path should fail");
- } catch (PathNotFoundException e) {
- // success
- }
+ String path = "/non/existing";
+ AccessControlPolicy acl = createPolicy(path);
+ acMgr.removePolicy(path, acl);
}
@Test
@@ -1524,17 +1520,12 @@ public class AccessControlManagerImplTes
}
//-----------------------------------< getApplicablePolicies(Principal) >---
- @Test
+ @Test(expected = AccessControlException.class)
public void testGetApplicablePoliciesNullPrincipal() throws Exception {
- try {
- acMgr.getApplicablePolicies((Principal) null);
- fail("Null is not a valid principal");
- } catch (AccessControlException e) {
- // success
- }
+ acMgr.getApplicablePolicies((Principal) null);
}
- @Test
+ @Test(expected = AccessControlException.class)
public void testGetApplicablePoliciesInvalidPrincipal() throws Exception {
Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
int i = 0;
@@ -1542,12 +1533,8 @@ public class AccessControlManagerImplTes
unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
}
unknown = new InvalidTestPrincipal("unknown" + i);
- try {
- acMgr.getApplicablePolicies(unknown);
- fail("Unknown principal should be detected.");
- } catch (AccessControlException e) {
- // success
- }
+
+ acMgr.getApplicablePolicies(unknown);
}
@Test
@@ -1587,17 +1574,12 @@ public class AccessControlManagerImplTes
}
//---------------------------------------------< getPolicies(Principal) >---
- @Test
+ @Test(expected = AccessControlException.class)
public void testGetPoliciesNullPrincipal() throws Exception {
- try {
- acMgr.getPolicies((Principal) null);
- fail("Null is not a valid principal");
- } catch (AccessControlException e) {
- // success
- }
+ acMgr.getPolicies((Principal) null);
}
- @Test
+ @Test(expected = AccessControlException.class)
public void testGetPoliciesInvalidPrincipal() throws Exception {
Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
int i = 0;
@@ -1605,12 +1587,8 @@ public class AccessControlManagerImplTes
unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
}
unknown = new InvalidTestPrincipal("unknown" + i);
- try {
- acMgr.getPolicies(unknown);
- fail("Unknown principal should be detected.");
- } catch (AccessControlException e) {
- // success
- }
+
+ acMgr.getPolicies(unknown);
}
@Test
@@ -1836,7 +1814,6 @@ public class AccessControlManagerImplTes
root.commit();
}
}
-
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerLimitedPermissionsTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerLimitedPermissionsTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerLimitedPermissionsTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerLimitedPermissionsTest.java Fri Sep 25 13:53:57 2020
@@ -44,17 +44,14 @@ import javax.jcr.AccessDeniedException;
import javax.jcr.NamespaceRegistry;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
-import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
-import javax.jcr.security.AccessControlPolicyIterator;
import javax.jcr.security.Privilege;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
-import java.util.Map;
import java.util.Set;
import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_POLICY;
@@ -128,10 +125,9 @@ public class AccessControlManagerLimited
assertEquals(expectedSize, policies.length);
}
- @NotNull
- private ACL setupPolicy(@Nullable String path, @Nullable Privilege... privileges) throws RepositoryException {
+ private void setupPolicy(@Nullable String path, @Nullable Privilege... privileges) throws RepositoryException {
Privilege[] privs = (privileges == null || privileges.length == 0) ? testPrivileges : privileges;
- return TestUtility.setupPolicy(getAccessControlManager(root), path, testPrincipal, privs, true, TestUtility.getGlobRestriction("*", getValueFactory(root)), null);
+ TestUtility.setupPolicy(getAccessControlManager(root), path, testPrincipal, privs, true, TestUtility.getGlobRestriction("*", getValueFactory(root)), null);
}
@NotNull
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsAbortTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsAbortTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsAbortTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsAbortTest.java Fri Sep 25 13:53:57 2020
@@ -36,12 +36,12 @@ public class AdminPrincipalsAbortTest ex
}
@Override
- void assertResult(boolean success) throws Exception {
+ void assertResult(boolean success) {
fail("Adding an ACE for an admin principal should fail");
}
@Override
- void assertException() throws Exception {
+ void assertException() {
// success -> nothing to do
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBaseTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBaseTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBaseTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBaseTest.java Fri Sep 25 13:53:57 2020
@@ -41,7 +41,7 @@ public abstract class AdminPrincipalsBas
static final String ADMINISTRATORS_PRINCIPAL_NAME = "administrators";
AccessControlList acl;
- Principal administrativePrincipal;
+ private Principal administrativePrincipal;
@Override
public void before() throws Exception {
@@ -96,12 +96,7 @@ public abstract class AdminPrincipalsBas
@Test
public void testAdminPrincipal() throws Exception {
try {
- boolean success = acl.addAccessControlEntry(new AdminPrincipal() {
- @Override
- public String getName() {
- return "admin";
- }
- }, privilegesFromNames(PrivilegeConstants.JCR_READ));
+ boolean success = acl.addAccessControlEntry((AdminPrincipal) () -> "admin", privilegesFromNames(PrivilegeConstants.JCR_READ));
assertResult(success);
} catch (AccessControlException e) {
assertException();
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBestEffortTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBestEffortTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBestEffortTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsBestEffortTest.java Fri Sep 25 13:53:57 2020
@@ -44,7 +44,7 @@ public class AdminPrincipalsBestEffortTe
}
@Override
- void assertException() throws Exception {
+ void assertException() {
fail("Adding entry for administrative principal should succeed without throwing an exception");
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsIgnoreTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsIgnoreTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsIgnoreTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AdminPrincipalsIgnoreTest.java Fri Sep 25 13:53:57 2020
@@ -44,7 +44,7 @@ public class AdminPrincipalsIgnoreTest e
}
@Override
- void assertException() throws Exception {
+ void assertException() {
fail("Adding entry for administrative principal should be ignored without throwing an exception");
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/EntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/EntryTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/EntryTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/EntryTest.java Fri Sep 25 13:53:57 2020
@@ -16,24 +16,6 @@
*/
package org.apache.jackrabbit.oak.security.authorization.accesscontrol;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.jcr.PropertyType;
-import javax.jcr.RepositoryException;
-import javax.jcr.Value;
-import javax.jcr.ValueFactory;
-import javax.jcr.ValueFormatException;
-import javax.jcr.security.AccessControlEntry;
-import javax.jcr.security.AccessControlException;
-import javax.jcr.security.AccessControlManager;
-import javax.jcr.security.Privilege;
-
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
@@ -48,14 +30,32 @@ import org.jetbrains.annotations.Nullabl
import org.junit.Before;
import org.junit.Test;
+import javax.jcr.PropertyType;
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import javax.jcr.ValueFactory;
+import javax.jcr.ValueFormatException;
+import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.Privilege;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
public class EntryTest extends AbstractAccessControlTest {
@@ -71,11 +71,7 @@ public class EntryTest extends AbstractA
super.before();
acMgr = getAccessControlManager(root);
- testPrincipal = new Principal() {
- public String getName() {
- return "TestPrincipal";
- }
- };
+ testPrincipal = () -> "TestPrincipal";
ValueFactory valueFactory = getValueFactory(root);
globValue = valueFactory.createValue("*");
nameValue = valueFactory.createValue("nt:file", PropertyType.NAME);
@@ -99,12 +95,12 @@ public class EntryTest extends AbstractA
return createEntry(testPrincipal, true, restrictions, PrivilegeConstants.JCR_READ);
}
- private Restriction createRestriction(String name, Value value) throws Exception {
- return getRestrictionProvider().createRestriction("/a/b/c", name, value);
+ private Restriction createRestriction(Value value) throws Exception {
+ return getRestrictionProvider().createRestriction("/a/b/c", AccessControlConstants.REP_GLOB, value);
}
- private Restriction createRestriction(String name, Value[] values) throws Exception {
- return getRestrictionProvider().createRestriction("/a/b/c", name, values);
+ private Restriction createRestriction(Value[] values) throws Exception {
+ return getRestrictionProvider().createRestriction("/a/b/c", AccessControlConstants.REP_NT_NAMES, values);
}
@Test
@@ -124,17 +120,12 @@ public class EntryTest extends AbstractA
assertSame(testPrincipal, tmpl.getPrincipal());
}
- @Test
+ @Test(expected=AccessControlException.class)
public void testNullPrincipal() throws Exception {
- try {
- Privilege[] privs = new Privilege[]{
- acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL)
- };
- createEntry(null, privs, false);
- fail("Principal must not be null");
- } catch (AccessControlException e) {
- // success
- }
+ Privilege[] privs = new Privilege[]{
+ acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL)
+ };
+ createEntry(null, privs, false);
}
@Test
@@ -246,12 +237,12 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionNames() throws Exception {
// empty restrictions
- String[] restrictionNames = createEntry(Collections.<Restriction>emptySet()).getRestrictionNames();
+ String[] restrictionNames = createEntry(Collections.emptySet()).getRestrictionNames();
assertNotNull(restrictionNames);
assertEquals(0, restrictionNames.length);
- Restriction globRestr = createRestriction(AccessControlConstants.REP_GLOB, globValue);
- Restriction nameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, nameValues);
+ Restriction globRestr = createRestriction(globValue);
+ Restriction nameRestr = createRestriction(nameValues);
// single restriction
restrictionNames = createEntry(ImmutableSet.of(globRestr)).getRestrictionNames();
@@ -265,14 +256,14 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionForEmpty() throws Exception {
// empty restrictions
- Value val = createEntry(Collections.<Restriction>emptySet()).getRestriction(AccessControlConstants.REP_GLOB);
+ Value val = createEntry(Collections.emptySet()).getRestriction(AccessControlConstants.REP_GLOB);
assertNull(val);
}
@Test
public void testGetNonExistingRestriction() throws Exception {
// single valued restriction
- Restriction globRestr = createRestriction(AccessControlConstants.REP_GLOB, globValue);
+ Restriction globRestr = createRestriction(globValue);
ACE ace = createEntry(ImmutableSet.of(globRestr));
assertNull(ace.getRestriction(AccessControlConstants.REP_NT_NAMES));
}
@@ -280,7 +271,7 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionForSingleValued() throws Exception {
// single valued restriction
- Restriction globRestr = createRestriction(AccessControlConstants.REP_GLOB, globValue);
+ Restriction globRestr = createRestriction(globValue);
ACE ace = createEntry(ImmutableSet.of(globRestr));
Value val = ace.getRestriction(AccessControlConstants.REP_GLOB);
assertNotNull(val);
@@ -293,7 +284,7 @@ public class EntryTest extends AbstractA
@Test(expected = ValueFormatException.class)
public void testGetRestrictionForMultiValued() throws Exception {
// multivalued restriction
- Restriction nameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, nameValues);
+ Restriction nameRestr = createRestriction(nameValues);
ACE ace = createEntry(ImmutableSet.of(nameRestr));
ace.getRestriction(AccessControlConstants.REP_NT_NAMES);
@@ -305,7 +296,7 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionForMultiValued2() throws Exception {
// single value restriction stored in multi-value property
- Restriction singleNameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, new Value[] {nameValue});
+ Restriction singleNameRestr = createRestriction(new Value[] {nameValue});
ACE ace = createEntry(ImmutableSet.of(singleNameRestr));
Value val = ace.getRestriction(AccessControlConstants.REP_NT_NAMES);
@@ -318,7 +309,7 @@ public class EntryTest extends AbstractA
@Test
public void testGetEmptyRestrictions() throws Exception {
// empty restrictions
- Value[] vs = createEntry(Collections.<Restriction>emptySet()).getRestrictions(AccessControlConstants.REP_GLOB);
+ Value[] vs = createEntry(Collections.emptySet()).getRestrictions(AccessControlConstants.REP_GLOB);
assertNull(vs);
}
@@ -327,7 +318,7 @@ public class EntryTest extends AbstractA
*/
@Test
public void testGetNonExistingRestrictions() throws Exception {
- Restriction nameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, nameValues);
+ Restriction nameRestr = createRestriction(nameValues);
ACE ace = createEntry(ImmutableSet.of(nameRestr));
assertNull(ace.getRestrictions(AccessControlConstants.REP_GLOB));
}
@@ -338,7 +329,7 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionsForSingleValue() throws Exception {
// single valued restriction
- Restriction globRestr = createRestriction(AccessControlConstants.REP_GLOB, globValue);
+ Restriction globRestr = createRestriction(globValue);
ACE ace = createEntry(ImmutableSet.of(globRestr));
Value[] vs = ace.getRestrictions(AccessControlConstants.REP_GLOB);
assertNotNull(vs);
@@ -351,9 +342,10 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionsForMultiValued() throws Exception {
// multivalued restriction
- Restriction nameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, nameValues);
+ Restriction nameRestr = createRestriction(nameValues);
ACE ace = createEntry(ImmutableSet.of(nameRestr));
Value[] vs = ace.getRestrictions(AccessControlConstants.REP_NT_NAMES);
+ assertNotNull(vs);
assertEquals(2, vs.length);
assertArrayEquals(nameValues, vs);
}
@@ -364,17 +356,18 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionsForMultiValued2() throws Exception {
// single value restriction stored in multi-value property
- Restriction singleNameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, new Value[]{nameValue});
+ Restriction singleNameRestr = createRestriction(new Value[]{nameValue});
ACE ace = createEntry(ImmutableSet.of(singleNameRestr));
Value[] vs = ace.getRestrictions(AccessControlConstants.REP_NT_NAMES);
+ assertNotNull(vs);
assertEquals(1, vs.length);
assertEquals(nameValue, vs[0]);
}
@Test
public void testGetRestrictions() throws Exception {
- Restriction nameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, nameValues);
- Restriction globRestr = createRestriction(AccessControlConstants.REP_GLOB, globValue);
+ Restriction nameRestr = createRestriction(nameValues);
+ Restriction globRestr = createRestriction(globValue);
Set<Restriction> expected = ImmutableSet.of(nameRestr, globRestr);
ACE ace = createEntry(expected);
@@ -384,7 +377,7 @@ public class EntryTest extends AbstractA
@Test
public void testGetRestrictionsNone() throws Exception {
- ACE ace = createEntry(ImmutableSet.<Restriction>of());
+ ACE ace = createEntry(ImmutableSet.of());
assertTrue(ace.getRestrictions().isEmpty());
}
@@ -392,7 +385,7 @@ public class EntryTest extends AbstractA
@Test
public void testEquals() throws RepositoryException {
- Map<AccessControlEntry, AccessControlEntry> equalAces = new HashMap<AccessControlEntry, AccessControlEntry>();
+ Map<AccessControlEntry, AccessControlEntry> equalAces = new HashMap<>();
ACE ace = createEntry(PrivilegeConstants.JCR_ALL);
// create same entry again
@@ -407,9 +400,9 @@ public class EntryTest extends AbstractA
equalAces.put(ace, createEntry(testPrincipal, aggregateAllPrivs, true));
// create entry with different privilege order
- List<Privilege> reordered = new ArrayList<Privilege>(Arrays.asList(aggregateAllPrivs));
+ List<Privilege> reordered = new ArrayList<>(Arrays.asList(aggregateAllPrivs));
reordered.add(reordered.remove(0));
- equalAces.put(createEntry(testPrincipal, reordered.toArray(new Privilege[reordered.size()]), true),
+ equalAces.put(createEntry(testPrincipal, reordered.toArray(new Privilege[0]), true),
createEntry(testPrincipal, aggregateAllPrivs, true));
// even if entries are build with aggregated or declared aggregate privileges
@@ -433,75 +426,30 @@ public class EntryTest extends AbstractA
@Test
public void testNotEquals() throws RepositoryException {
ACE ace = createEntry(new String[]{PrivilegeConstants.JCR_ALL}, true);
- List<JackrabbitAccessControlEntry> otherAces = new ArrayList<JackrabbitAccessControlEntry>();
-
- try {
- // ACE template with different principal
- Principal princ = new Principal() {
- public String getName() {
- return "a name";
- }
- };
- Privilege[] privs = new Privilege[]{
- acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL)
- };
- otherAces.add(createEntry(princ, privs, true));
- } catch (RepositoryException e) {
- }
-
- // ACE template with different privileges
- try {
- otherAces.add(createEntry(new String[]{PrivilegeConstants.JCR_READ}, true));
- } catch (RepositoryException e) {
- }
- // ACE template with different 'allow' flag
- try {
- otherAces.add(createEntry(new String[]{PrivilegeConstants.JCR_ALL}, false));
- } catch (RepositoryException e) {
- }
- // ACE template with different privileges and 'allows
- try {
- otherAces.add(createEntry(new String[]{PrivilegeConstants.REP_WRITE}, false));
- } catch (RepositoryException e) {
- }
+ List<JackrabbitAccessControlEntry> otherAces = new ArrayList<>();
- // other ace impl
- final Privilege[] privs = new Privilege[]{
+ // ACE template with different principal
+ Principal princ = () -> "a name";
+ Privilege[] privs = new Privilege[]{
acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL)
};
+ otherAces.add(createEntry(princ, privs, true));
- JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {
- public boolean isAllow() {
- return true;
- }
-
- @NotNull
- public String[] getRestrictionNames() {
- return new String[0];
- }
-
- @Nullable
- public Value getRestriction(@NotNull String restrictionName) {
- return null;
- }
+ // ACE template with different privileges
+ otherAces.add(createEntry(new String[]{PrivilegeConstants.JCR_READ}, true));
- @Nullable
- public Value[] getRestrictions(@NotNull String restrictionName) {
- return null;
- }
+ // ACE template with different 'allow' flag
+ otherAces.add(createEntry(new String[]{PrivilegeConstants.JCR_ALL}, false));
- public Principal getPrincipal() {
- return testPrincipal;
- }
+ // ACE template with different privileges and 'allows
+ otherAces.add(createEntry(new String[]{PrivilegeConstants.REP_WRITE}, false));
- public Privilege[] getPrivileges() {
- return privs;
- }
- };
+ // other ace impl
+ JackrabbitAccessControlEntry pe = new Jace(testPrincipal, privs);
otherAces.add(pe);
for (JackrabbitAccessControlEntry otherAce : otherAces) {
- assertFalse(ace.equals(otherAce));
+ assertNotEquals(ace, otherAce);
}
}
@@ -512,9 +460,9 @@ public class EntryTest extends AbstractA
Privilege[] aggregateAllPrivs = acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL).getAggregatePrivileges();
List<Privilege> l = Lists.newArrayList(aggregateAllPrivs);
l.add(l.remove(0));
- Privilege[] reordered = l.toArray(new Privilege[l.size()]);
+ Privilege[] reordered = l.toArray(new Privilege[0]);
- Map<AccessControlEntry, AccessControlEntry> equivalent = new HashMap<AccessControlEntry, AccessControlEntry>();
+ Map<AccessControlEntry, AccessControlEntry> equivalent = new HashMap<>();
// create same entry again
equivalent.put(ace, createEntry(PrivilegeConstants.JCR_ALL));
// create entry with duplicate privs
@@ -543,13 +491,9 @@ public class EntryTest extends AbstractA
final Privilege[] privs = AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_ALL);
// and the opposite:
- List<JackrabbitAccessControlEntry> otherAces = new ArrayList<JackrabbitAccessControlEntry>();
+ List<JackrabbitAccessControlEntry> otherAces = new ArrayList<>();
// ACE template with different principal
- Principal princ = new Principal() {
- public String getName() {
- return "a name";
- }
- };
+ Principal princ = () -> "a name";
otherAces.add(createEntry(princ, privs, true));
// ACE template with different privileges
@@ -562,45 +506,18 @@ public class EntryTest extends AbstractA
otherAces.add(createEntry(new String[]{PrivilegeConstants.REP_WRITE}, false));
// other ace impl
- JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {
- public boolean isAllow() {
- return true;
- }
-
- @NotNull
- public String[] getRestrictionNames() {
- return new String[0];
- }
-
- @Nullable
- public Value getRestriction(@NotNull String restrictionName) {
- return null;
- }
-
- @Nullable
- public Value[] getRestrictions(@NotNull String restrictionName) {
- return null;
- }
-
- public Principal getPrincipal() {
- return testPrincipal;
- }
-
- public Privilege[] getPrivileges() {
- return privs;
- }
- };
+ JackrabbitAccessControlEntry pe = new Jace(testPrincipal, privs);
otherAces.add(pe);
for (JackrabbitAccessControlEntry otherAce : otherAces) {
- assertFalse(ace.hashCode() == otherAce.hashCode());
+ assertNotEquals(ace.hashCode(), otherAce.hashCode());
}
}
private class EmptyACE extends ACE {
- public EmptyACE(PrivilegeBits privilegeBits) throws AccessControlException {
+ EmptyACE(PrivilegeBits privilegeBits) throws AccessControlException {
super(testPrincipal, privilegeBits, true, null, namePathMapper);
}
@@ -609,4 +526,42 @@ public class EntryTest extends AbstractA
return new Privilege[0];
}
}
+
+ private static final class Jace implements JackrabbitAccessControlEntry {
+
+ private final Principal principal;
+ private final Privilege[] privs;
+
+ private Jace(@NotNull Principal principal, @NotNull Privilege[] privs) {
+ this.principal = principal;
+ this.privs = privs;
+ }
+
+ public boolean isAllow() {
+ return true;
+ }
+
+ @NotNull
+ public String[] getRestrictionNames() {
+ return new String[0];
+ }
+
+ @Nullable
+ public Value getRestriction(@NotNull String restrictionName) {
+ return null;
+ }
+
+ @Nullable
+ public Value[] getRestrictions(@NotNull String restrictionName) {
+ return null;
+ }
+
+ public Principal getPrincipal() {
+ return principal;
+ }
+
+ public Privilege[] getPrivileges() {
+ return privs;
+ }
+ }
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/NodeACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/NodeACLTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/NodeACLTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/NodeACLTest.java Fri Sep 25 13:53:57 2020
@@ -20,7 +20,6 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -47,7 +46,7 @@ public class NodeACLTest extends Abstrac
policy.addAccessControlEntry(EveryonePrincipal.getInstance(), testPrivileges);
acMgr.setPolicy(TEST_PATH, policy);
- nodeAcl = getNodeAcl(acMgr, TEST_PATH);
+ nodeAcl = getNodeAcl(acMgr);
}
@After
@@ -60,8 +59,8 @@ public class NodeACLTest extends Abstrac
}
@NotNull
- private static ACL getNodeAcl(@NotNull JackrabbitAccessControlManager acMgr, @Nullable String path) throws RepositoryException {
- for (AccessControlPolicy acp : acMgr.getPolicies(path)) {
+ private static ACL getNodeAcl(@NotNull JackrabbitAccessControlManager acMgr) throws RepositoryException {
+ for (AccessControlPolicy acp : acMgr.getPolicies(AbstractAccessControlTest.TEST_PATH)) {
if (acp instanceof ACL) {
return (ACL) acp;
}
@@ -72,7 +71,7 @@ public class NodeACLTest extends Abstrac
@Test
public void testEquals() throws Exception {
assertEquals(nodeAcl, nodeAcl);
- assertEquals(nodeAcl, getNodeAcl(getAccessControlManager(root), TEST_PATH));
+ assertEquals(nodeAcl, getNodeAcl(getAccessControlManager(root)));
}
@Test
@@ -86,7 +85,7 @@ public class NodeACLTest extends Abstrac
@Test
public void testEqualsDifferentEntries() throws Exception {
- ACL acl = getNodeAcl(getAccessControlManager(root), TEST_PATH);
+ ACL acl = getNodeAcl(getAccessControlManager(root));
acl.removeAccessControlEntry(acl.getAccessControlEntries()[0]);
assertNotEquals(nodeAcl, acl);
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PolicyOwnerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PolicyOwnerImplTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PolicyOwnerImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PolicyOwnerImplTest.java Fri Sep 25 13:53:57 2020
@@ -67,7 +67,7 @@ public class PolicyOwnerImplTest extends
}
@Test
- public void testDefinesDifferentPolicy() throws Exception {
+ public void testDefinesDifferentPolicy() {
assertFalse(acMgr.defines(TEST_PATH, new AccessControlPolicy() {}));
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PrincipalACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PrincipalACLTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PrincipalACLTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PrincipalACLTest.java Fri Sep 25 13:53:57 2020
@@ -17,19 +17,26 @@
package org.apache.jackrabbit.oak.security.authorization.accesscontrol;
import java.security.Principal;
+import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
import javax.jcr.UnsupportedRepositoryOperationException;
+import javax.jcr.ValueFactory;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlList;
import javax.jcr.security.AccessControlPolicy;
+import com.google.common.collect.ImmutableMap;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
+import org.apache.jackrabbit.api.security.principal.JackrabbitPrincipal;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
import org.jetbrains.annotations.NotNull;
import org.junit.Before;
import org.junit.Test;
+import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_GLOB;
+import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_NODE_PATH;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
@@ -85,6 +92,21 @@ public class PrincipalACLTest extends Ab
}
@Test
+ public void testEqualsDifferentPath() throws Exception {
+ ACL acl = getPrincipalAcl(getAccessControlManager(root), new PrincipalImpl(testPrincipal.getName()));
+ assertNotEquals(principalAcl, acl);
+ }
+
+ @Test
+ public void testEqualsDifferentEntries() throws Exception {
+ ValueFactory vf = getValueFactory(root);
+ ACL acl = getPrincipalAcl(getAccessControlManager(root), testPrincipal);
+ acl.addEntry(testPrincipal, privilegesFromNames(JCR_VERSION_MANAGEMENT), true,
+ ImmutableMap.of(REP_GLOB, vf.createValue("/subtree/*"), REP_NODE_PATH, vf.createValue(TEST_PATH)));
+ assertNotEquals(principalAcl, acl);
+ }
+
+ @Test
public void testHashCode() {
assertEquals(0, principalAcl.hashCode());
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedPrivilegeNamesTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedPrivilegeNamesTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedPrivilegeNamesTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedPrivilegeNamesTest.java Fri Sep 25 13:53:57 2020
@@ -35,6 +35,7 @@ import javax.jcr.security.Privilege;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
+import java.util.stream.Collectors;
import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_POLICY;
import static org.junit.Assert.assertEquals;
@@ -61,7 +62,7 @@ public class RemappedPrivilegeNamesTest
}
protected Privilege[] privilegesFromNames(@NotNull String... privilegeNames) throws RepositoryException {
- Iterable<String> jcrNames = Iterables.transform(Arrays.asList(privilegeNames), s -> getNamePathMapper().getJcrName(s));
+ Iterable<String> jcrNames = Arrays.stream(privilegeNames).map(s -> getNamePathMapper().getJcrName(s)).collect(Collectors.toList());
return super.privilegesFromNames(jcrNames);
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedRestrictionNamesTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedRestrictionNamesTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedRestrictionNamesTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/RemappedRestrictionNamesTest.java Fri Sep 25 13:53:57 2020
@@ -17,7 +17,6 @@
package org.apache.jackrabbit.oak.security.authorization.accesscontrol;
import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.Iterables;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.namepath.impl.LocalNameMapper;
import org.apache.jackrabbit.oak.namepath.impl.NamePathMapperImpl;
@@ -33,6 +32,7 @@ import javax.jcr.security.Privilege;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
+import java.util.stream.Collectors;
import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_GLOB;
import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_ITEM_NAMES;
@@ -68,7 +68,7 @@ public class RemappedRestrictionNamesTes
}
protected Privilege[] privilegesFromNames(@NotNull String... privilegeNames) throws RepositoryException {
- Iterable<String> jcrNames = Iterables.transform(Arrays.asList(privilegeNames), s -> getNamePathMapper().getJcrName(s));
+ Iterable<String> jcrNames = Arrays.stream(privilegeNames).map(s -> getNamePathMapper().getJcrName(s)).collect(Collectors.toList());
return super.privilegesFromNames(jcrNames);
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/TestUtility.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/TestUtility.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/TestUtility.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/TestUtility.java Fri Sep 25 13:53:57 2020
@@ -34,9 +34,7 @@ import java.util.Map;
import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_GLOB;
final class TestUtility {
-
- private static final Logger log = LoggerFactory.getLogger(TestUtility.class);
-
+
private TestUtility() {}
@NotNull
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/UtilTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/UtilTest.java?rev=1882018&r1=1882017&r2=1882018&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/UtilTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/UtilTest.java Fri Sep 25 13:53:57 2020
@@ -160,7 +160,7 @@ public class UtilTest extends AbstractSe
private final class TestAce extends ACE {
- public TestAce(boolean isAllow) throws AccessControlException {
+ TestAce(boolean isAllow) throws AccessControlException {
super(EveryonePrincipal.getInstance(), bitsProvider.getBits(PrivilegeConstants.JCR_READ), isAllow, null, NamePathMapper.DEFAULT);
}