You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2010/10/13 13:55:48 UTC
svn commit: r1022073 - in /jackrabbit/trunk:
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/
jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security...
Author: angela
Date: Wed Oct 13 11:55:48 2010
New Revision: 1022073
URL: http://svn.apache.org/viewvc?rev=1022073&view=rev
Log:
JCR-2563 : Add UserManager.createGroup(String groupID) method
Modified:
jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/UserManager.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java
Modified: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/UserManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/UserManager.java?rev=1022073&r1=1022072&r2=1022073&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/UserManager.java (original)
+++ jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/UserManager.java Wed Oct 13 11:55:48 2010
@@ -147,6 +147,22 @@ public interface UserManager {
String intermediatePath) throws AuthorizableExistsException, RepositoryException;
/**
+ * Creates a Group for the given groupID, which must not be <code>null</code>.
+ * <br>
+ * Same as {@link #createGroup(String, Principal,String)} where the specified
+ * groupID is the name of the <code>Principal</code> the intermediate path
+ * is <code>null</code>.
+ *
+ * @param groupID The id of the new group; must not be <code>null</code>.
+ * @return The new <code>Group</code>.
+ * @throws AuthorizableExistsException in case the given groupID is already
+ * in use or another {@link Authorizable} with the same
+ * {@link Authorizable#getID() ID} or principal name already exists.
+ * @throws RepositoryException If another error occurs.
+ */
+ Group createGroup(String groupID) throws AuthorizableExistsException, RepositoryException;
+
+ /**
* Creates a new <code>Group</code> that is based on the given principal.
* Note that the group's ID is implementation specific. The implementation
* may take the principal name as ID hint but must in any case assert that
@@ -154,14 +170,27 @@ public interface UserManager {
*
* @param principal A non-null <code>Principal</code>
* @return The new <code>Group</code>.
- * @throws AuthorizableExistsException in case the given principal is already
- * in use with another Authorizable.
+ * @throws AuthorizableExistsException in case the given principal is
+ * already in use with another Authorizable.
* @throws RepositoryException If another error occurs.
*/
Group createGroup(Principal principal) throws AuthorizableExistsException, RepositoryException;
/**
- * Creates a new <code>Group</code> that is based on the given principal
+ * Same as {@link #createGroup(String, Principal, String)} where the
+ * name of the specified principal is used to create the group's ID.
+ *
+ * @param principal
+ * @param intermediatePath
+ * @return The new <code>Group</code>.
+ * @throws AuthorizableExistsException in case the given principal is
+ * already in use with another Authorizable.
+ * @throws RepositoryException If another error occurs.
+ */
+ Group createGroup(Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException;
+
+ /**
+ * Creates a new <code>Group</code> that is based on the given id, principal
* and the specified <code>intermediatePath</code> hint. If the implementation
* is not able to deal with the <code>intermediatePath</code> this parameter
* should be ignored.
@@ -173,7 +202,7 @@ public interface UserManager {
* in use with another Authorizable.
* @throws RepositoryException If another error occurs.
*/
- Group createGroup(Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException;
+ Group createGroup(String groupID, Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException;
/**
* If any write operations executed through the User API are automatically
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java?rev=1022073&r1=1022072&r2=1022073&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java Wed Oct 13 11:55:48 2010
@@ -500,15 +500,11 @@ public class UserManagerImpl extends Pro
public User createUser(String userID, String password,
Principal principal, String intermediatePath)
throws AuthorizableExistsException, RepositoryException {
- if (userID == null || userID.length() == 0) {
- throw new IllegalArgumentException("Cannot create user: UserID can neither be null nor empty String.");
- }
+ checkValidID(userID);
if (password == null) {
throw new IllegalArgumentException("Cannot create user: null password.");
}
- if (internalGetAuthorizable(userID) != null) {
- throw new AuthorizableExistsException("User for '" + userID + "' already exists");
- }
+ // NOTE: principal validation during setPrincipal call.
try {
NodeImpl userNode = (NodeImpl) nodeCreator.createUserNode(userID, intermediatePath);
@@ -531,7 +527,15 @@ public class UserManagerImpl extends Pro
}
/**
- * Same as {@link #createGroup(java.security.Principal, String )} where the
+ * @see UserManager#createGroup(String)
+ */
+ public Group createGroup(String groupID)
+ throws AuthorizableExistsException, RepositoryException {
+ return createGroup(groupID, new PrincipalImpl(groupID), null);
+ }
+
+ /**
+ * Same as {@link #createGroup(java.security.Principal, String)} where the
* intermediate path is <code>null</code>.
* @see UserManager#createGroup(Principal)
*/
@@ -540,12 +544,9 @@ public class UserManagerImpl extends Pro
}
/**
- * Create a new <code>Group</code> from the given <code>principal</code>.
- * It will be created below the defined {@link #getGroupsPath() group path}.<br>
- * Non-existent elements of the Path will be created as nodes
- * of type {@link #NT_REP_AUTHORIZABLE_FOLDER rep:AuthorizableFolder}.
- * The group ID will be generated from the principal name. If the name
- * conflicts with an existing authorizable ID (may happen in cases where
+ * Same as {@link #createGroup(String, Principal, String)} where a groupID
+ * is generated from the principal name. If the name conflicts with an
+ * existing authorizable ID (may happen in cases where
* principal name != ID) the principal name is expanded by a suffix;
* otherwise the resulting group ID equals the principal name.
*
@@ -558,13 +559,38 @@ public class UserManagerImpl extends Pro
* @see UserManager#createGroup(java.security.Principal, String)
*/
public Group createGroup(Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException {
- if (!isValidPrincipal(principal)) {
- throw new IllegalArgumentException("Cannot create group: Principal may not be null and must have a valid name.");
- }
+ checkValidPrincipal(principal);
+
+ String groupID = getGroupId(principal.getName());
+ return createGroup(groupID, principal, intermediatePath);
+ }
+
+ /**
+ * Create a new <code>Group</code> from the given <code>groupID</code> and
+ * <code>principal</code>. It will be created below the defined
+ * {@link #getGroupsPath() group path}.<br>
+ * Non-existent elements of the Path will be created as nodes
+ * of type {@link #NT_REP_AUTHORIZABLE_FOLDER rep:AuthorizableFolder}.
+ *
+ * @param groupID A groupID that hasn't been used before for another
+ * user or group.
+ * @param principal A principal that doesn't yet represent an existing user
+ * or group.
+ * @param intermediatePath Is always ignored.
+ * @return A new group.
+ * @throws AuthorizableExistsException
+ * @throws RepositoryException
+ * @see UserManager#createGroup(String, java.security.Principal, String)
+ */
+ public Group createGroup(String groupID, Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException {
+ checkValidID(groupID);
+ // NOTE: principal validation during setPrincipal call.
try {
- String groupID = getGroupId(principal.getName());
NodeImpl groupNode = (NodeImpl) nodeCreator.createGroupNode(groupID, intermediatePath);
- setPrincipal(groupNode, principal);
+
+ if (principal != null) {
+ setPrincipal(groupNode, principal);
+ }
Group group = createGroup(groupNode);
if (isAutoSave()) {
@@ -623,9 +649,7 @@ public class UserManagerImpl extends Pro
* @throws RepositoryException If another error occurs.
*/
void setPrincipal(NodeImpl node, Principal principal) throws AuthorizableExistsException, RepositoryException {
- if (!isValidPrincipal(principal)) {
- throw new IllegalArgumentException("Cannot create Authorizable: Principal may not be null and must have a valid name.");
- }
+ checkValidPrincipal(principal);
/*
Check if there is *another* authorizable with the same principal.
The additional validation (nodes not be same) is required in order to
@@ -898,8 +922,33 @@ public class UserManagerImpl extends Pro
}
}
- private static boolean isValidPrincipal(Principal principal) {
- return principal != null && principal.getName() != null && principal.getName().length() > 0;
+ /**
+ * Checks if the specified <code>id</code> is a non-empty string and not yet
+ * in use for another user or group.
+ *
+ * @param id The id of the user or group to be created.
+ * @throws IllegalArgumentException If the specified id is null or empty string.
+ * @throws AuthorizableExistsException If the id is already in use.
+ * @throws RepositoryException If another error occurs.
+ */
+ private void checkValidID(String id) throws IllegalArgumentException, AuthorizableExistsException, RepositoryException {
+ if (id == null || id.length() == 0) {
+ throw new IllegalArgumentException("Cannot create authorizable: ID can neither be null nor empty String.");
+ }
+ if (internalGetAuthorizable(id) != null) {
+ throw new AuthorizableExistsException("User or Group for '" + id + "' already exists");
+ }
+ }
+
+ /**
+ * Throws <code>IllegalArgumentException</code> if the specified principal
+ * is <code>null</code> or if it's name is <code>null</code> or empty string.
+ * @param principal
+ */
+ private static void checkValidPrincipal(Principal principal) {
+ if (principal == null || principal.getName() == null || "".equals(principal.getName())) {
+ throw new IllegalArgumentException("Principal may not be null and must have a valid name.");
+ }
}
private static int parseMembershipSplitSize(Object param) {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java?rev=1022073&r1=1022072&r2=1022073&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java Wed Oct 13 11:55:48 2010
@@ -1413,6 +1413,10 @@ public class UserImporterTest extends Ab
return null;
}
+ public Group createGroup(String groupID) throws AuthorizableExistsException, RepositoryException {
+ return null;
+ }
+
public Group createGroup(Principal principal) throws AuthorizableExistsException, RepositoryException {
return null;
}
@@ -1421,6 +1425,10 @@ public class UserImporterTest extends Ab
return null;
}
+ public Group createGroup(String groupID, Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException {
+ return null;
+ }
+
public boolean isAutoSave() {
return true;
}
@@ -1583,4 +1591,4 @@ public class UserImporterTest extends Ab
return null;
}
}
-}
\ No newline at end of file
+}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java?rev=1022073&r1=1022072&r2=1022073&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserManagerImplTest.java Wed Oct 13 11:55:48 2010
@@ -18,6 +18,7 @@ package org.apache.jackrabbit.core.secur
import org.apache.jackrabbit.api.security.user.AbstractUserTest;
import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.AuthorizableExistsException;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
@@ -33,7 +34,9 @@ import javax.jcr.SimpleCredentials;
import javax.jcr.Value;
import javax.jcr.Node;
import java.security.Principal;
+import java.util.HashMap;
import java.util.Iterator;
+import java.util.Map;
import java.util.Set;
import java.util.List;
import java.util.ArrayList;
@@ -136,7 +139,101 @@ public class UserManagerImplTest extends
}
}
- public void testCreatingGroupWithNameMatchingExistingUserId() throws RepositoryException, NotExecutableException {
+ public void testCreateGroupWithInvalidIdOrPrincipal() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = p.getName();
+
+ Map<String, Principal> fail = new HashMap<String, Principal>();
+ fail.put(uid, null);
+ fail.put(uid, new TestPrincipal(""));
+ fail.put(null, p);
+ fail.put("", p);
+
+ for (String id : fail.keySet()) {
+ Group g = null;
+ try {
+ Principal princ = fail.get(id);
+ g = userMgr.createGroup(id, princ, null);
+ fail("Creating group with id '"+id+"' and principal '"+princ+"' should fail");
+ } catch (IllegalArgumentException e) {
+ // success
+ } finally {
+ if (g != null) {
+ g.remove();
+ save(superuser);
+ }
+ }
+ }
+ }
+
+ public void testCreateGroupWithId() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = p.getName();
+
+ Group gr = null;
+ try {
+
+ // assert group creation with exact ID
+ gr = userMgr.createGroup(uid);
+ save(superuser);
+ assertEquals("Expect group with exact ID", uid, gr.getID());
+
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupWithIdAndPrincipal() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = p.getName();
+
+ Group gr = null;
+ try {
+
+ // assert group creation with exact ID
+ gr = userMgr.createGroup(uid, p, null);
+ save(superuser);
+
+ assertEquals("Expect group with exact ID", uid, gr.getID());
+ assertEquals("Expected group with exact principal name", p.getName(), gr.getPrincipal().getName());
+
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupIdDifferentFromPrincipalName() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = getTestUserId(p);
+
+ assertFalse(uid.equals(p.getName()));
+
+ Group g = null;
+ Session uSession = null;
+ try {
+ g = userMgr.createGroup(uid, p, null);
+ save(superuser);
+
+ String msg = "Creating a Group with principal-name distinct from Principal-name must succeed as long as both are unique.";
+ assertEquals(msg, g.getID(), uid);
+ assertEquals(msg, p.getName(), g.getPrincipal().getName());
+ assertFalse(msg, g.getID().equals(g.getPrincipal().getName()));
+
+ } finally {
+ if (g != null) {
+ g.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreatingGroupWithPrincipalMatchingExistingUserId() throws RepositoryException, NotExecutableException {
Principal p = getTestPrincipal();
String uid = getTestUserId(p);
@@ -165,6 +262,202 @@ public class UserManagerImplTest extends
}
}
+ public void testCreateGroupWithExistingPrincipal() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = p.getName();
+
+ User u = null;
+ try {
+ // create a user with the given ID
+ u = userMgr.createUser(uid, buildPassword(uid), p, null);
+ save(superuser);
+
+ // assert AuthorizableExistsException for principal that is already in use
+ Group gr = null;
+ try {
+ gr = userMgr.createGroup(p);
+ fail("Principal " + p.getName() + " is already in use -> must throw AuthorizableExistsException.");
+ } catch (AuthorizableExistsException aee) {
+ // expected this
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+
+ } finally {
+ if (u != null) {
+ u.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupWithExistingPrincipal2() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = getTestUserId(p);
+
+ assertFalse(uid.equals(p.getName()));
+
+ User u = null;
+ try {
+ // create a user with the given ID
+ u = userMgr.createUser(uid, buildPassword(uid), p, null);
+ save(superuser);
+
+ // assert AuthorizableExistsException for principal that is already in use
+ Group gr = null;
+ try {
+ gr = userMgr.createGroup(p);
+ fail("Principal " + p.getName() + " is already in use -> must throw AuthorizableExistsException.");
+ } catch (AuthorizableExistsException aee) {
+ // expected this
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+
+ } finally {
+ if (u != null) {
+ u.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupWithExistingPrincipal3() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = getTestUserId(p);
+
+ assertFalse(uid.equals(p.getName()));
+
+ User u = null;
+ try {
+ // create a user with the given ID
+ u = userMgr.createUser(uid, buildPassword(uid), p, null);
+ save(superuser);
+
+ // assert AuthorizableExistsException for principal that is already in use
+ Group gr = null;
+ try {
+ gr = userMgr.createGroup(getTestPrincipal().getName(), p, null);
+ fail("Principal " + p.getName() + " is already in use -> must throw AuthorizableExistsException.");
+ } catch (AuthorizableExistsException aee) {
+ // expected this
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+
+ } finally {
+ if (u != null) {
+ u.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupWithExistingUserID() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = getTestUserId(p);
+
+ User u = null;
+ try {
+ // create a user with the given ID
+ u = userMgr.createUser(uid, buildPassword(uid), p, null);
+ save(superuser);
+
+ // assert AuthorizableExistsException for id that is already in use
+ Group gr = null;
+ try {
+ gr = userMgr.createGroup(uid);
+ fail("ID " + uid + " is already in use -> must throw AuthorizableExistsException.");
+ } catch (AuthorizableExistsException aee) {
+ // expected this
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+
+ } finally {
+ if (u != null) {
+ u.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupWithExistingGroupID() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = getTestUserId(p);
+
+ Group g = null;
+ try {
+ // create a user with the given ID
+ g = userMgr.createGroup(uid);
+ save(superuser);
+
+ // assert AuthorizableExistsException for id that is already in use
+ Group gr = null;
+ try {
+ gr = userMgr.createGroup(uid);
+ fail("ID " + uid + " is already in use -> must throw AuthorizableExistsException.");
+ } catch (AuthorizableExistsException aee) {
+ // expected this
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+
+ } finally {
+ if (g != null) {
+ g.remove();
+ save(superuser);
+ }
+ }
+ }
+
+ public void testCreateGroupWithExistingGroupID2() throws RepositoryException, NotExecutableException {
+ Principal p = getTestPrincipal();
+ String uid = getTestUserId(p);
+
+ Group g = null;
+ try {
+ // create a user with the given ID
+ g = userMgr.createGroup(uid, p, null);
+ save(superuser);
+
+ // assert AuthorizableExistsException for id that is already in use
+ Group gr = null;
+ try {
+ gr = userMgr.createGroup(uid, getTestPrincipal(), null);
+ fail("ID " + uid + " is already in use -> must throw AuthorizableExistsException.");
+ } catch (AuthorizableExistsException aee) {
+ // expected this
+ } finally {
+ if (gr != null) {
+ gr.remove();
+ save(superuser);
+ }
+ }
+
+ } finally {
+ if (g != null) {
+ g.remove();
+ save(superuser);
+ }
+ }
+ }
+
public void testFindAuthorizable() throws RepositoryException, NotExecutableException {
Authorizable auth;
Set<Principal> principals = getPrincipalSetFromSession(superuser);