You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/04/18 19:03:54 UTC
svn commit: r1469444 - in
/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak: ./
security/authentication/ security/authentication/token/
security/authentication/user/ security/authorization/
security/authorization/evaluation/ securi...
Author: angela
Date: Thu Apr 18 17:03:53 2013
New Revision: 1469444
URL: http://svn.apache.org/r1469444
Log:
simplify security related tests
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/AbstractTokenTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfoTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/EffectivePolicyTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/AbstractOakCoreTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManagerTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java Thu Apr 18 17:03:53 2013
@@ -16,6 +16,7 @@
*/
package org.apache.jackrabbit.oak;
+import java.util.UUID;
import javax.annotation.Nullable;
import javax.jcr.Credentials;
import javax.jcr.NoSuchWorkspaceException;
@@ -29,6 +30,7 @@ import javax.security.auth.login.LoginEx
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.ContentRepository;
import org.apache.jackrabbit.oak.api.ContentSession;
@@ -54,6 +56,7 @@ public abstract class AbstractSecurityTe
private ContentRepository contentRepository;
private UserManager userManager;
+ private User testUser;
private PrivilegeManager privMgr;
protected NamePathMapper namePathMapper = NamePathMapper.DEFAULT;
@@ -79,8 +82,15 @@ public abstract class AbstractSecurityTe
@After
public void after() throws Exception {
- adminSession.close();
- Configuration.setConfiguration(null);
+ try {
+ if (testUser != null) {
+ testUser.remove();
+ root.commit();
+ }
+ } finally {
+ adminSession.close();
+ Configuration.setConfiguration(null);
+ }
}
protected SecurityProvider getSecurityProvider() {
@@ -146,4 +156,18 @@ public abstract class AbstractSecurityTe
}
return privMgr;
}
+
+ protected User getTestUser() throws Exception {
+ if (testUser == null) {
+ String uid = "testUser" + UUID.randomUUID();
+ testUser = getUserManager().createUser(uid, uid);
+ root.commit();
+ }
+ return testUser;
+ }
+
+ protected ContentSession createTestSession() throws Exception {
+ String uid = getTestUser().getID();
+ return login(new SimpleCredentials(uid, uid.toCharArray()));
+ }
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java Thu Apr 18 17:03:53 2013
@@ -32,7 +32,14 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
/**
- * LoginTest...
+ * Test the following login configuration:
+ *
+ * <pre>
+ * jackrabbit.oak {
+ * org.apache.jackrabbit.oak.spi.security.authentication.GuestLoginModule optional;
+ * org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl required;
+ * };
+ * </pre>
*/
public class GuestDefaultLoginModuleTest extends AbstractSecurityTest {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java Thu Apr 18 17:03:53 2013
@@ -28,7 +28,7 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
/**
- * JackrabbitTest... TODO
+ * Test login with {@link ConfigurationUtil#getJackrabbit2Configuration(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters)}
*/
public class Jackrabbit2ConfigurationTest extends TokenDefaultLoginModuleTest {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java Thu Apr 18 17:03:53 2013
@@ -38,7 +38,14 @@ import static org.junit.Assert.assertNot
import static org.junit.Assert.fail;
/**
- * TokenDefaultLoginModuleTest...
+ * Test login behavior with the following configuration:
+ *
+ * <pre>
+ * jackrabbit.oak {
+ * org.apache.jackrabbit.oak.spi.security.authentication.token.TokenLoginModule sufficient;
+ * org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl required;
+ * };
+ * </pre>
*/
public class TokenDefaultLoginModuleTest extends AbstractSecurityTest {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/AbstractTokenTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/AbstractTokenTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/AbstractTokenTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/AbstractTokenTest.java Thu Apr 18 17:03:53 2013
@@ -16,10 +16,8 @@
*/
package org.apache.jackrabbit.oak.security.authentication.token;
-import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.junit.After;
import org.junit.Before;
/**
@@ -28,7 +26,6 @@ import org.junit.Before;
public abstract class AbstractTokenTest extends AbstractSecurityTest {
TokenProviderImpl tokenProvider;
- String userId;
@Before
public void before() throws Exception {
@@ -38,22 +35,6 @@ public abstract class AbstractTokenTest
tokenProvider = new TokenProviderImpl(root,
ConfigurationParameters.EMPTY,
getUserConfiguration());
-
- userId = "testUser";
- getUserManager().createUser(userId, "pw");
root.commit();
}
-
- @After
- public void after() throws Exception {
- try {
- Authorizable a = getUserManager().getAuthorizable(userId);
- if (a != null) {
- a.remove();
- root.commit();
- }
- } finally {
- super.after();
- }
- }
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java Thu Apr 18 17:03:53 2013
@@ -26,14 +26,10 @@ import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
-import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
-import org.apache.jackrabbit.oak.security.authentication.token.TokenAuthentication;
-import org.apache.jackrabbit.oak.security.authentication.token.TokenProviderImpl;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authentication.Authentication;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
-import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -55,29 +51,13 @@ public class TokenAuthenticationTest ext
@Before
public void before() throws Exception {
super.before();
-
- root = adminSession.getLatestRoot();
tokenProvider = new TokenProviderImpl(root,
ConfigurationParameters.EMPTY,
getUserConfiguration());
- userId = "testUser";
- getUserManager().createUser(userId, "pw");
root.commit();
authentication = new TokenAuthentication(tokenProvider);
- }
-
- @After
- public void after() throws Exception {
- try {
- Authorizable a = getUserManager().getAuthorizable(userId);
- if (a != null) {
- a.remove();
- root.commit();
- }
- } finally {
- super.after();
- }
+ userId = getTestUser().getID();
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfoTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfoTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfoTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfoTest.java Thu Apr 18 17:03:53 2013
@@ -23,6 +23,7 @@ import java.util.Map;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
+import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
@@ -35,6 +36,15 @@ import static org.junit.Assert.assertTru
*/
public class TokenInfoTest extends AbstractTokenTest {
+ private String userId;
+
+ @Override
+ @Before
+ public void before() throws Exception {
+ super.before();
+ userId = getTestUser().getID();
+ }
+
@Test
public void testGetUserId() {
TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Thu Apr 18 17:03:53 2013
@@ -34,6 +34,7 @@ import org.apache.jackrabbit.oak.api.Tre
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
+import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
@@ -47,6 +48,15 @@ import static org.junit.Assert.assertTru
*/
public class TokenProviderImplTest extends AbstractTokenTest {
+ private String userId;
+
+ @Override
+ @Before
+ public void before() throws Exception {
+ super.before();
+ userId = getTestUser().getID();
+ }
+
@Test
public void testDoCreateToken() throws Exception {
assertFalse(tokenProvider.doCreateToken(new GuestCredentials()));
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java Thu Apr 18 17:03:53 2013
@@ -27,12 +27,9 @@ import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
-import org.apache.jackrabbit.api.security.user.Authorizable;
-import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.AuthInfo;
import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
-import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -45,45 +42,26 @@ import static org.junit.Assert.fail;
*/
public class UserAuthenticationTest extends AbstractSecurityTest {
- private final String userId = "testUser";
+ private String userId;
private UserAuthentication authentication;
@Before
public void before() throws Exception {
super.before();
-
- root = adminSession.getLatestRoot();
-
- UserManager userManager = getUserManager();
- userManager.createUser(userId, "pw");
- root.commit();
-
- authentication = new UserAuthentication(userId, userManager);
- }
-
- @After
- public void after() throws Exception {
- try {
- Authorizable a = getUserManager().getAuthorizable(userId);
- if (a != null) {
- a.remove();
- root.commit();
- }
- } finally {
- super.after();
- }
+ userId = getTestUser().getID();
+ authentication = new UserAuthentication(userId, getUserManager());
}
@Test
public void testAuthenticateWithoutUserManager() throws Exception {
UserAuthentication authentication = new UserAuthentication(userId, null);
- assertFalse(authentication.authenticate(new SimpleCredentials(userId, "pw".toCharArray())));
+ assertFalse(authentication.authenticate(new SimpleCredentials(userId, userId.toCharArray())));
}
@Test
public void testAuthenticateWithoutUserId() throws Exception {
UserAuthentication authentication = new UserAuthentication(null, getUserManager());
- assertFalse(authentication.authenticate(new SimpleCredentials(userId, "pw".toCharArray())));
+ assertFalse(authentication.authenticate(new SimpleCredentials(userId, userId.toCharArray())));
}
@Test
@@ -116,7 +94,7 @@ public class UserAuthenticationTest exte
@Test
public void testAuthenticateSimpleCredentials() throws Exception {
- assertTrue(authentication.authenticate(new SimpleCredentials(userId, "pw".toCharArray())));
+ assertTrue(authentication.authenticate(new SimpleCredentials(userId, userId.toCharArray())));
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java Thu Apr 18 17:03:53 2013
@@ -29,7 +29,6 @@ import javax.jcr.AccessDeniedException;
import javax.jcr.NamespaceRegistry;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
-import javax.jcr.SimpleCredentials;
import javax.jcr.Value;
import javax.jcr.ValueFactory;
import javax.jcr.security.AccessControlEntry;
@@ -44,8 +43,6 @@ import com.google.common.collect.Immutab
import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.jackrabbit.api.security.user.Authorizable;
-import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.TestNameMapper;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.api.Root;
@@ -81,7 +78,6 @@ public class AccessControlManagerImplTes
private final String testName = TestNameMapper.TEST_PREFIX + ":testRoot";
private final String testPath = '/' + testName;
- private final String testUserId = "test";
private Principal testPrincipal;
private Privilege[] testPrivileges;
@@ -107,12 +103,10 @@ public class AccessControlManagerImplTes
NodeUtil rootNode = new NodeUtil(root.getTree("/"), npMapper);
rootNode.addChild(testName, JcrConstants.NT_UNSTRUCTURED);
+ root.commit();
- User user = getUserManager().createUser(testUserId, testUserId);
- testPrincipal = user.getPrincipal();
testPrivileges = privilegesFromNames(Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_READ);
-
- root.commit();
+ testPrincipal = getTestPrincipal();
}
@After
@@ -120,11 +114,6 @@ public class AccessControlManagerImplTes
try {
root.refresh();
root.getTree(testPath).remove();
-
- Authorizable testUser = getUserManager().getAuthorizable(testUserId);
- if (testUser != null) {
- testUser.remove();
- }
root.commit();
if (testRoot != null) {
@@ -147,7 +136,7 @@ public class AccessControlManagerImplTes
private Root getTestRoot() throws Exception {
if (testRoot == null) {
- testRoot = login(new SimpleCredentials(testUserId, testUserId.toCharArray())).getLatestRoot();
+ testRoot = createTestSession().getLatestRoot();
}
return testRoot;
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/EffectivePolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/EffectivePolicyTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/EffectivePolicyTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/EffectivePolicyTest.java Thu Apr 18 17:03:53 2013
@@ -19,10 +19,8 @@ package org.apache.jackrabbit.oak.securi
import java.security.Principal;
import java.util.Collections;
import java.util.Set;
-import java.util.UUID;
import javax.annotation.Nonnull;
import javax.jcr.AccessDeniedException;
-import javax.jcr.SimpleCredentials;
import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
@@ -30,8 +28,6 @@ import javax.jcr.security.Privilege;
import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
-import org.apache.jackrabbit.api.security.user.User;
-import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.api.Root;
@@ -57,8 +53,6 @@ public class EffectivePolicyTest extends
private String path;
private String childNPath;
- private String testUserId = "testUser" + UUID.randomUUID();
- private User testUser;
protected ContentSession testSession;
protected Root testRoot;
protected JackrabbitAccessControlManager testAccessControlManager;
@@ -79,11 +73,7 @@ public class EffectivePolicyTest extends
path = testNode.getTree().getPath();
childNPath = cn1.getTree().getPath();
- UserManager uMgr = getUserManager();
- testUser = uMgr.createUser(testUserId, testUserId);
- root.commit();
-
- testSession = login(new SimpleCredentials(testUserId, testUserId.toCharArray()));
+ testSession = createTestSession();
testRoot = testSession.getLatestRoot();
testAccessControlManager = getAccessControlManager(testRoot);
@@ -99,10 +89,11 @@ public class EffectivePolicyTest extends
@After
public void after() throws Exception {
try {
- testSession.close();
+ if (testSession != null) {
+ testSession.close();
+ }
root.getTree(path).remove();
- testUser.remove();
root.commit();
} finally {
super.after();
@@ -123,12 +114,12 @@ public class EffectivePolicyTest extends
@Nonnull
private JackrabbitAccessControlList allow(String nPath, Privilege[] privileges) throws Exception {
- return modify(nPath, testUser.getPrincipal(), privileges, true);
+ return modify(nPath, getTestPrincipal(), privileges, true);
}
@Nonnull
private JackrabbitAccessControlList deny(String nPath, Privilege[] privileges) throws Exception {
- return modify(nPath, testUser.getPrincipal(), privileges, false);
+ return modify(nPath, getTestPrincipal(), privileges, false);
}
@Test
@@ -167,7 +158,7 @@ public class EffectivePolicyTest extends
allow(path, privileges);
// effective policies for testPrinicpal only on path -> must succeed.
- testAccessControlManager.getEffectivePolicies(Collections.singleton(testUser.getPrincipal()));
+ testAccessControlManager.getEffectivePolicies(Collections.singleton(getTestPrincipal()));
// effective policies for a combination of principals -> must fail since
// policy for 'everyone' at root node cannot be read by testuser
@@ -185,7 +176,7 @@ public class EffectivePolicyTest extends
// the effective policies included the allowed acl at 'path' and
// the denied acl at 'childNPath' -> must fail
try {
- testAccessControlManager.getEffectivePolicies(Collections.singleton(testUser.getPrincipal()));
+ testAccessControlManager.getEffectivePolicies(Collections.singleton(getTestPrincipal()));
fail();
} catch (AccessDeniedException e) {
// success
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/AbstractOakCoreTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/AbstractOakCoreTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/AbstractOakCoreTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/AbstractOakCoreTest.java Thu Apr 18 17:03:53 2013
@@ -19,13 +19,10 @@ package org.apache.jackrabbit.oak.securi
import java.security.Principal;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import javax.jcr.SimpleCredentials;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
-import org.apache.jackrabbit.api.security.user.Authorizable;
-import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.ContentSession;
@@ -43,10 +40,7 @@ import static org.apache.jackrabbit.JcrC
*/
public abstract class AbstractOakCoreTest extends AbstractSecurityTest {
- protected static final String TEST_USER_ID = "test";
-
protected Principal testPrincipal;
-
private ContentSession testSession;
@Before
@@ -54,8 +48,7 @@ public abstract class AbstractOakCoreTes
public void before() throws Exception {
super.before();
- User user = getUserManager().createUser(TEST_USER_ID, TEST_USER_ID);
- testPrincipal = user.getPrincipal();
+ testPrincipal = getTestUser().getPrincipal();
NodeUtil rootNode = new NodeUtil(root.getTree("/"));
NodeUtil a = rootNode.addChild("a", NT_UNSTRUCTURED);
@@ -76,12 +69,6 @@ public abstract class AbstractOakCoreTes
@Override
public void after() throws Exception {
try {
- // remove the test user
- Authorizable testUser = getUserManager().getAuthorizable(TEST_USER_ID);
- if (testUser != null) {
- testUser.remove();
- }
-
// clean up policies at the root node
AccessControlManager acMgr = getAccessControlManager(root);
AccessControlPolicy[] policies = acMgr.getPolicies("/");
@@ -105,7 +92,7 @@ public abstract class AbstractOakCoreTes
@Nonnull
protected ContentSession getTestSession() throws Exception {
if (testSession == null) {
- testSession = login(new SimpleCredentials(TEST_USER_ID, TEST_USER_ID.toCharArray()));
+ testSession = createTestSession();
}
return testSession;
}
@@ -119,6 +106,7 @@ public abstract class AbstractOakCoreTes
* Setup simple allow/deny permissions (without restrictions).
*
* @param path
+ * @param principal
* @param isAllow
* @param privilegeNames
* @throws Exception
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java Thu Apr 18 17:03:53 2013
@@ -45,7 +45,7 @@ public class AuthorizableImplTest extend
super.before();
userMgr = getUserManager();
- testUser = userMgr.createUser("testUser", "pw");
+ testUser = getTestUser();
testGroup = userMgr.createGroup("testGroup");
root.commit();
}
@@ -53,9 +53,6 @@ public class AuthorizableImplTest extend
@Override
public void after() throws Exception {
try {
- if (testUser != null) {
- testUser.remove();
- }
if (testGroup != null) {
testGroup.remove();
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java Thu Apr 18 17:03:53 2013
@@ -32,7 +32,6 @@ import org.apache.jackrabbit.oak.api.Typ
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.util.Text;
-import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -43,33 +42,18 @@ import static org.junit.Assert.fail;
*/
public class UserValidatorTest extends AbstractSecurityTest {
- private User user;
+ private String userPath;
@Before
public void before() throws Exception {
super.before();
-
- user = getUserManager().createUser("test", "pw");
- root.commit();
- }
-
- @After
- public void after() throws Exception {
- try {
- Authorizable a = getUserManager().getAuthorizable("test");
- if (a != null) {
- a.remove();
- root.commit();
- }
- } finally {
- super.after();
- }
+ userPath = getTestUser().getPath();
}
@Test
public void removePassword() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.removeProperty(UserConstants.REP_PASSWORD);
root.commit();
fail("removing password should fail");
@@ -83,7 +67,7 @@ public class UserValidatorTest extends A
@Test
public void removePrincipalName() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.removeProperty(UserConstants.REP_PRINCIPAL_NAME);
root.commit();
fail("removing principal name should fail");
@@ -97,7 +81,7 @@ public class UserValidatorTest extends A
@Test
public void removeAuthorizableId() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.removeProperty(UserConstants.REP_AUTHORIZABLE_ID);
root.commit();
fail("removing authorizable id should fail");
@@ -112,7 +96,7 @@ public class UserValidatorTest extends A
public void createWithoutPrincipalName() throws Exception {
try {
User user = getUserManager().createUser("withoutPrincipalName", "pw");
- Tree tree = root.getTree(user.getPath());
+ Tree tree = root.getTree(userPath);
tree.removeProperty(UserConstants.REP_PRINCIPAL_NAME);
root.commit();
@@ -128,7 +112,7 @@ public class UserValidatorTest extends A
public void createWithInvalidUUID() throws Exception {
try {
User user = getUserManager().createUser("withInvalidUUID", "pw");
- Tree tree = root.getTree(user.getPath());
+ Tree tree = root.getTree(userPath);
tree.setProperty(JcrConstants.JCR_UUID, UUID.randomUUID().toString());
root.commit();
@@ -143,7 +127,7 @@ public class UserValidatorTest extends A
@Test
public void changeUUID() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.setProperty(JcrConstants.JCR_UUID, UUID.randomUUID().toString());
root.commit();
fail("changing jcr:uuid should fail if it the uuid valid is invalid");
@@ -157,7 +141,7 @@ public class UserValidatorTest extends A
@Test
public void changePrincipalName() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.setProperty(UserConstants.REP_PRINCIPAL_NAME, "another");
root.commit();
fail("changing the principal name should fail");
@@ -171,7 +155,7 @@ public class UserValidatorTest extends A
@Test
public void changeAuthorizableId() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.setProperty(UserConstants.REP_AUTHORIZABLE_ID, "modified");
root.commit();
fail("changing the authorizable id should fail");
@@ -185,7 +169,7 @@ public class UserValidatorTest extends A
@Test
public void changePasswordToPlainText() throws Exception {
try {
- Tree userTree = root.getTree(user.getPath());
+ Tree userTree = root.getTree(userPath);
userTree.setProperty(UserConstants.REP_PASSWORD, "plaintext");
root.commit();
fail("storing a plaintext password should fail");
@@ -243,12 +227,12 @@ public class UserValidatorTest extends A
List<String> invalid = new ArrayList<String>();
invalid.add("/");
invalid.add("/jcr:system");
- String groupPath = getConfig().getConfigValue(UserConstants.PARAM_GROUP_PATH, UserConstants.DEFAULT_GROUP_PATH);
- invalid.add(groupPath);
- String userPath = getConfig().getConfigValue(UserConstants.PARAM_USER_PATH, UserConstants.DEFAULT_USER_PATH);
- invalid.add(Text.getRelativeParent(userPath, 1));
- invalid.add(user.getPath());
- invalid.add(user.getPath() + "/folder");
+ String groupRoot = getConfig().getConfigValue(UserConstants.PARAM_GROUP_PATH, UserConstants.DEFAULT_GROUP_PATH);
+ invalid.add(groupRoot);
+ String userRoot = getConfig().getConfigValue(UserConstants.PARAM_USER_PATH, UserConstants.DEFAULT_USER_PATH);
+ invalid.add(Text.getRelativeParent(userRoot, 1));
+ invalid.add(userPath);
+ invalid.add(userPath + "/folder");
for (String path : invalid) {
try {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManagerTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManagerTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManagerTest.java Thu Apr 18 17:03:53 2013
@@ -50,9 +50,7 @@ public class UserQueryManagerTest extend
super.before();
UserManager userMgr = getUserManager();
- user = userMgr.createUser("testUser", "pw");
- root.commit();
-
+ user = getTestUser();
queryMgr = new UserQueryManager(userMgr, namePathMapper, getUserConfiguration().getConfigurationParameters(), root);
valueFactory = new ValueFactoryImpl(root.getBlobFactory(), namePathMapper);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java Thu Apr 18 17:03:53 2013
@@ -16,7 +16,6 @@
*/
package org.apache.jackrabbit.oak.spi.security.authorization;
-import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
@@ -49,7 +48,7 @@ import static org.junit.Assert.assertNot
import static org.junit.Assert.assertTrue;
/**
- * AbstractAccessControlListTest... TODO
+ * Tests for functionality provided by {@link AbstractAccessControlList}.
*/
public abstract class AbstractAccessControlListTest extends AbstractAccessControlTest {
@@ -57,11 +56,6 @@ public abstract class AbstractAccessCont
return "/testPath";
}
- protected Principal getTestPrincipal() {
- // TODO: add proper implementation
- return new PrincipalImpl("admin");
- }
-
protected AbstractAccessControlList createEmptyACL() {
return createACL(getTestPath(), Collections.<JackrabbitAccessControlEntry>emptyList(), namePathMapper);
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java?rev=1469444&r1=1469443&r2=1469444&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java Thu Apr 18 17:03:53 2013
@@ -16,6 +16,7 @@
*/
package org.apache.jackrabbit.oak.spi.security.authorization;
+import java.security.Principal;
import javax.jcr.NamespaceRegistry;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
@@ -52,4 +53,8 @@ public abstract class AbstractAccessCont
}
return restrictionProvider;
}
+
+ protected Principal getTestPrincipal() throws Exception {
+ return getTestUser().getPrincipal();
+ }
}