You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2020/09/29 15:59:11 UTC
svn commit: r1882131 [1/3] - in
/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security:
principal/ user/ user/action/ user/whiteboard/
Author: angela
Date: Tue Sep 29 15:59:10 2020
New Revision: 1882131
URL: http://svn.apache.org/viewvc?rev=1882131&view=rev
Log:
OAK-9242 : Improvements to tests in o.a.j.oak.security.user
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CachedGroupPrincipalTest.java (with props)
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplOSGiTest.java (with props)
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractAddMembersByIdTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractRemoveMembersByIdTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdIgnoreTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizablePropertiesImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CacheValidatorProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/EveryoneGroupTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/IntermediatePathTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipBaseTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipWriterTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryAdminTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryHistoryTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RandomAuthorizableNodeNameTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/SystemUserImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationFactoryImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterMembershipAbortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterMembershipBesteffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterMembershipIgnoreTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterPasswordTreeTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/UserActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/whiteboard/WhiteboardAuthorizableActionProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/whiteboard/WhiteboardAuthorizableNodeNameTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/whiteboard/WhiteboardUserAuthenticationFactoryTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java Tue Sep 29 15:59:10 2020
@@ -101,9 +101,9 @@ public abstract class AbstractPrincipalP
root.refresh();
String[] rm = new String[] { groupId, groupId2, groupId3 };
for (String id : rm) {
- Group gr = getUserManager(root).getAuthorizable(id, Group.class);
- if (gr != null) {
- gr.remove();
+ Authorizable a = getUserManager(root).getAuthorizable(id);
+ if (a != null) {
+ a.remove();
root.commit();
}
}
@@ -345,18 +345,17 @@ public abstract class AbstractPrincipalP
tests.put(PrincipalManager.SEARCH_TYPE_GROUP, Boolean.TRUE);
tests.put(PrincipalManager.SEARCH_TYPE_NOT_GROUP, Boolean.FALSE);
- for (Integer searchType : tests.keySet()) {
+ tests.forEach((key, value) -> {
boolean found = false;
- Iterator<? extends Principal> it = principalProvider.findPrincipals(EveryonePrincipal.NAME, searchType);
+ Iterator<? extends Principal> it = principalProvider.findPrincipals(EveryonePrincipal.NAME, key);
while (it.hasNext()) {
Principal p = it.next();
if (p.getName().equals(EveryonePrincipal.NAME)) {
found = true;
}
}
- Boolean expected = tests.get(searchType);
- assertEquals(expected, found);
- }
+ assertEquals(value, found);
+ });
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractAddMembersByIdTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractAddMembersByIdTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractAddMembersByIdTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractAddMembersByIdTest.java Tue Sep 29 15:59:10 2020
@@ -113,9 +113,7 @@ public abstract class AbstractAddMembers
}
String userId = getTestUser().getID();
- ContentSession testSession = null;
- try {
- testSession = login(new SimpleCredentials(userId, userId.toCharArray()));
+ try (ContentSession testSession = login(new SimpleCredentials(userId, userId.toCharArray()))) {
Root testRoot = testSession.getLatestRoot();
assertFalse(testRoot.getTree(memberGroup.getPath()).exists());
@@ -124,10 +122,6 @@ public abstract class AbstractAddMembers
Set<String> failed = gr.addMembers(memberGroup.getID());
testRoot.commit();
return failed;
- } finally {
- if (testSession != null) {
- testSession.close();
- }
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java Tue Sep 29 15:59:10 2020
@@ -81,12 +81,7 @@ public class AbstractGroupPrincipalTest
final Principal p = getTestUser().getPrincipal();
assertTrue(agp.isMember(p));
assertTrue(agp.isMember(new PrincipalImpl(p.getName())));
- assertTrue(agp.isMember(new Principal() {
- @Override
- public String getName() {
- return p.getName();
- }
- }));
+ assertTrue(agp.isMember(() -> p.getName()));
}
@@ -94,12 +89,7 @@ public class AbstractGroupPrincipalTest
public void testIsMemberMissingAuthorizable() {
List<Principal> principals = ImmutableList.of(
new PrincipalImpl("name"),
- new Principal() {
- @Override
- public String getName() {
- return "name";
- }
- }
+ () -> "name"
);
for (Principal p : principals) {
@@ -112,12 +102,7 @@ public class AbstractGroupPrincipalTest
final Principal p = getTestUser().getPrincipal();
assertTrue(everyoneAgp.isMember(p));
assertTrue(everyoneAgp.isMember(new PrincipalImpl(p.getName())));
- assertTrue(everyoneAgp.isMember(new Principal() {
- @Override
- public String getName() {
- return p.getName();
- }
- }));
+ assertTrue(everyoneAgp.isMember(() -> p.getName()));
}
@@ -125,12 +110,7 @@ public class AbstractGroupPrincipalTest
public void testIsMemberOfEveryoneMissingAuthorizable() {
List<Principal> principals = ImmutableList.of(
new PrincipalImpl("name"),
- new Principal() {
- @Override
- public String getName() {
- return "name";
- }
- }
+ () -> "name"
);
for (Principal p : principals) {
@@ -151,7 +131,7 @@ public class AbstractGroupPrincipalTest
@Test
public void testMembersFiltersNull() throws Exception {
- List l = new ArrayList();
+ List<Authorizable> l = new ArrayList<>();
l.add(null);
AbstractGroupPrincipal agp = mock(AbstractGroupPrincipal.class);
when(agp.getMembers()).thenReturn(l.iterator());
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractRemoveMembersByIdTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractRemoveMembersByIdTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractRemoveMembersByIdTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractRemoveMembersByIdTest.java Tue Sep 29 15:59:10 2020
@@ -95,9 +95,7 @@ public abstract class AbstractRemoveMemb
}
String userId = getTestUser().getID();
- ContentSession testSession = null;
- try {
- testSession = login(new SimpleCredentials(userId, userId.toCharArray()));
+ try (ContentSession testSession = login(new SimpleCredentials(userId, userId.toCharArray()))) {
Root testRoot = testSession.getLatestRoot();
assertFalse(testRoot.getTree(memberGroup.getPath()).exists());
@@ -106,10 +104,6 @@ public abstract class AbstractRemoveMemb
Set<String> failed = gr.removeMembers(memberGroup.getID());
testRoot.commit();
return failed;
- } finally {
- if (testSession != null) {
- testSession.close();
- }
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdBestEffortTest.java Tue Sep 29 15:59:10 2020
@@ -114,7 +114,7 @@ public class AddMembersByIdBestEffortTes
Iterator<Authorizable> members = testGroup.getDeclaredMembers();
assertFalse(members.hasNext());
- toRemove = new ArrayList<Authorizable>(NON_EXISTING_IDS.length);
+ toRemove = new ArrayList<>(NON_EXISTING_IDS.length);
for (String id : NON_EXISTING_IDS) {
toRemove.add(getUserManager(root).createGroup(id));
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdIgnoreTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdIgnoreTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdIgnoreTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AddMembersByIdIgnoreTest.java Tue Sep 29 15:59:10 2020
@@ -16,22 +16,17 @@
*/
package org.apache.jackrabbit.oak.security.user;
-import java.util.Set;
-
-import javax.jcr.nodetype.ConstraintViolationException;
-
import com.google.common.collect.ImmutableSet;
-import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.xml.ImportBehavior;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import org.junit.Test;
+import java.util.Set;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
public class AddMembersByIdIgnoreTest extends AbstractAddMembersByIdTest {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java Tue Sep 29 15:59:10 2020
@@ -33,6 +33,7 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
/**
* Implementation specific tests for {@code AuthorizableImpl} and subclasses.
@@ -79,7 +80,7 @@ public class AuthorizableImplTest extend
Authorizable user = userMgr.getAuthorizable(testUser.getID());
Authorizable group = userMgr.getAuthorizable(testGroup.getID());
- Map<Authorizable, Authorizable> equalAuthorizables = new HashMap();
+ Map<Authorizable, Authorizable> equalAuthorizables = new HashMap<>();
equalAuthorizables.put(testUser, testUser);
equalAuthorizables.put(testGroup, testGroup);
equalAuthorizables.put(user, user);
@@ -104,7 +105,7 @@ public class AuthorizableImplTest extend
User differentId = userMgr.createUser(user.getID()+"_", null);
- Map<Authorizable, Authorizable> notEqual = new HashMap();
+ Map<Authorizable, Authorizable> notEqual = new HashMap<>();
notEqual.put(testUser, testGroup);
notEqual.put(user, group);
notEqual.put(testUser, user);
@@ -112,8 +113,8 @@ public class AuthorizableImplTest extend
notEqual.put(testUser, differentId);
for (Map.Entry entry : notEqual.entrySet()) {
- assertFalse(entry.getKey().equals(entry.getValue()));
- assertFalse(entry.getValue().equals(entry.getKey()));
+ assertNotEquals(entry.getKey(), entry.getValue());
+ assertNotEquals(entry.getValue(), entry.getKey());
}
}
@@ -125,7 +126,7 @@ public class AuthorizableImplTest extend
Authorizable user = userMgr.getAuthorizable(testUser.getID());
Authorizable group = userMgr.getAuthorizable(testGroup.getID());
- Map<Authorizable, Authorizable> sameHashCode = new HashMap();
+ Map<Authorizable, Authorizable> sameHashCode = new HashMap<>();
sameHashCode.put(testUser, testUser);
sameHashCode.put(testGroup, testGroup);
sameHashCode.put(user, user);
@@ -141,14 +142,14 @@ public class AuthorizableImplTest extend
user = otherUserManager.getAuthorizable(testUser.getID());
group = otherUserManager.getAuthorizable(testGroup.getID());
- Map<Authorizable, Authorizable> notSameHashCode = new HashMap();
+ Map<Authorizable, Authorizable> notSameHashCode = new HashMap<>();
notSameHashCode.put(testUser, testGroup);
notSameHashCode.put(user, group);
notSameHashCode.put(testUser, user);
notSameHashCode.put(testGroup, group);
for (Map.Entry entry : notSameHashCode.entrySet()) {
- assertFalse(entry.getKey().hashCode() == entry.getValue().hashCode());
+ assertNotEquals(entry.getKey().hashCode(), entry.getValue().hashCode());
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizablePropertiesImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizablePropertiesImplTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizablePropertiesImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizablePropertiesImplTest.java Tue Sep 29 15:59:10 2020
@@ -16,32 +16,46 @@
*/
package org.apache.jackrabbit.oak.security.user;
-import java.util.Iterator;
-import java.util.Set;
-import java.util.UUID;
-import javax.jcr.PropertyType;
-import javax.jcr.RepositoryException;
-import javax.jcr.Value;
-import javax.jcr.ValueFactory;
-import javax.jcr.nodetype.ConstraintViolationException;
-
import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.JcrConstants;
+import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.commons.PathUtils;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
import org.apache.jackrabbit.oak.plugins.value.jcr.PartialValueFactory;
import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants;
+import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.version.VersionConstants;
import org.jetbrains.annotations.NotNull;
import org.junit.Test;
+import javax.jcr.GuestCredentials;
+import javax.jcr.PropertyType;
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import javax.jcr.ValueFactory;
+import javax.jcr.nodetype.ConstraintViolationException;
+import javax.jcr.security.AccessControlManager;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.Set;
+import java.util.UUID;
+
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
public class AuthorizablePropertiesImplTest extends AbstractSecurityTest {
@@ -158,6 +172,55 @@ public class AuthorizablePropertiesImplT
assertEquals(expected, ImmutableSet.copyOf(names));
}
+ //--------------------------------------------------------< getProperty >---
+
+ @Test
+ public void testGetProtectedProperty() throws Exception {
+ Tree t = root.getTree(user2.getPath());
+ TreeUtil.addMixin(t, NodeTypeConstants.MIX_VERSIONABLE, root.getTree(NodeTypeConstants.NODE_TYPES_PATH), null);
+ root.commit();
+
+ assertNull(properties.getProperty(VersionConstants.JCR_BASEVERSION));
+ }
+
+ @Test
+ public void testGetProtectedProperty2() throws Exception {
+ assertNull(properties.getProperty(UserConstants.REP_AUTHORIZABLE_ID));
+ }
+
+ @Test
+ public void testGetPropertyDeclaredByDifferentType() throws Exception {
+ Tree t = root.getTree(user2.getPath());
+ TreeUtil.addMixin(t, "mix:language", root.getTree(NodeTypeConstants.NODE_TYPES_PATH), null);
+ t.setProperty("jcr:language", "en");
+ root.commit();
+ assertNull(properties.getProperty("jcr:language"));
+ }
+
+ @Test
+ public void testGetPropertyParentNotAccessible() throws Exception {
+ // prevent everyone from reading the relPath intermediate node (but allowing reading the user and the properties)
+ AccessControlManager acMgr = getAccessControlManager(root);
+ JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, user2.getPath());
+ acl.addEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.JCR_READ), true);
+ acl.addEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.REP_READ_NODES), false,
+ Collections.emptyMap(),
+ Collections.singletonMap(AccessControlConstants.REP_ITEM_NAMES, new Value[] {getValueFactory(root).createValue("relPath", PropertyType.NAME)}));
+ acMgr.setPolicy(acl.getPath(), acl);
+ root.commit();
+
+ try (ContentSession testsession = login(new GuestCredentials())) {
+ Root r = testsession.getLatestRoot();
+ Authorizable u = getUserManager(r).getAuthorizable(user2.getID());
+ AuthorizablePropertiesImpl props = new AuthorizablePropertiesImpl((AuthorizableImpl) u, getPartialValueFactory());
+ assertNull(props.getProperty("relPath/prop"));
+ }
+ }
+
+ @Test(expected = RepositoryException.class)
+ public void testGetPropertyAbsolutePath() throws Exception {
+ properties.getProperty("/prop");
+ }
//--------------------------------------------------------< setProperty >---
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CacheValidatorProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CacheValidatorProviderTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CacheValidatorProviderTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CacheValidatorProviderTest.java Tue Sep 29 15:59:10 2020
@@ -193,7 +193,7 @@ public class CacheValidatorProviderTest
@Test
public void testModifyCache() throws Exception {
- List<PropertyState> props = new ArrayList();
+ List<PropertyState> props = new ArrayList<>();
props.add(PropertyStates.createProperty(CacheConstants.REP_EXPIRATION, 25));
props.add(PropertyStates.createProperty(CacheConstants.REP_GROUP_PRINCIPAL_NAMES, EveryonePrincipal.NAME));
props.add(PropertyStates.createProperty(JCR_PRIMARYTYPE, JcrConstants.NT_UNSTRUCTURED, Type.NAME));
@@ -310,5 +310,5 @@ public class CacheValidatorProviderTest
CacheValidatorProvider provider = new CacheValidatorProvider(root.getContentSession().getAuthInfo().getPrincipals(), getTreeProvider());
NodeState nodeState = getTreeProvider().asNodeState(rootTree);
return provider.getRootValidator(nodeState, nodeState, new CommitInfo("sid", "uid"));
- };
+ }
}
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CachedGroupPrincipalTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CachedGroupPrincipalTest.java?rev=1882131&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CachedGroupPrincipalTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CachedGroupPrincipalTest.java Tue Sep 29 15:59:10 2020
@@ -0,0 +1,235 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import com.google.common.base.Predicate;
+import com.google.common.collect.Iterables;
+import org.apache.jackrabbit.api.security.principal.GroupPrincipal;
+import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.authentication.SystemSubject;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.jetbrains.annotations.Nullable;
+import org.junit.Test;
+
+import javax.jcr.RepositoryException;
+import javax.security.auth.Subject;
+import java.security.Principal;
+import java.security.PrivilegedExceptionAction;
+import java.util.Enumeration;
+import java.util.UUID;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+public class CachedGroupPrincipalTest extends AbstractSecurityTest {
+
+ private String userId;
+
+ private ContentSession systemSession;
+ private Root systemRoot;
+
+ private PrincipalProvider pp;
+
+ protected String groupId;
+ protected Group testGroup;
+
+ @Override
+ public void before() throws Exception {
+ // because of full text search test #testFindRange
+ getQueryEngineSettings().setFailTraversal(false);
+ getQueryEngineSettings().setFullTextComparisonWithoutIndex(true);
+ super.before();
+
+ groupId = "testGroup" + UUID.randomUUID();
+ testGroup = getUserManager(root).createGroup(groupId);
+ testGroup.addMember(getTestUser());
+ root.commit();
+
+ userId = getTestUser().getID();
+
+ systemSession = getSystemSession();
+ systemRoot = systemSession.getLatestRoot();
+
+ // a) force the cache to be created
+ pp = new UserPrincipalProvider(systemRoot, getUserConfiguration(), namePathMapper);
+ Iterable<? extends Principal> principals = Iterables.filter(pp.getPrincipals(userId), new GroupPredicate());
+ for (Principal p : principals) {
+ String className = p.getClass().getName();
+ assertEquals("org.apache.jackrabbit.oak.security.user.UserPrincipalProvider$GroupPrincipalImpl", className);
+ }
+ }
+
+ @Override
+ public void after() throws Exception {
+ try {
+ root.refresh();
+ Authorizable a = getUserManager(root).getAuthorizable(groupId);
+ if (a != null) {
+ a.remove();
+ root.commit();
+ }
+ if (systemSession != null) {
+ systemSession.close();
+ }
+ } finally {
+ super.after();
+ }
+ }
+
+ @Override
+ protected ConfigurationParameters getSecurityConfigParameters() {
+ return ConfigurationParameters.of(
+ UserConfiguration.NAME,
+ ConfigurationParameters.of(UserPrincipalProvider.PARAM_CACHE_EXPIRATION, 3600 * 1000)
+ );
+ }
+
+ private ContentSession getSystemSession() throws Exception {
+ if (systemSession == null) {
+ systemSession = Subject.doAs(SystemSubject.INSTANCE, (PrivilegedExceptionAction<ContentSession>) () -> login(null));
+ }
+ return systemSession;
+ }
+
+ @Test
+ public void testGroupPrincipals() throws Exception {
+ Principal testPrincipal = getTestUser().getPrincipal();
+
+ // b) retrieve principals again (this time from the cache)
+ // -> verify that they are a different implementation
+ Iterable<? extends Principal> principalsAgain = Iterables.filter(pp.getPrincipals(userId), new GroupPredicate());
+ for (Principal p : principalsAgain) {
+ String className = p.getClass().getName();
+ assertEquals("org.apache.jackrabbit.oak.security.user.UserPrincipalProvider$CachedGroupPrincipal", className);
+
+ assertTrue(p instanceof TreeBasedPrincipal);
+ assertEquals(testGroup.getPath(), ((TreeBasedPrincipal) p).getPath());
+ assertEquals(testGroup.getPath(), ((TreeBasedPrincipal) p).getOakPath());
+
+ GroupPrincipal principalGroup = (GroupPrincipal) p;
+ assertTrue(principalGroup.isMember(testPrincipal));
+
+ Enumeration<? extends Principal> members = principalGroup.members();
+ assertTrue(members.hasMoreElements());
+ assertEquals(testPrincipal, members.nextElement());
+ assertFalse(members.hasMoreElements());
+ }
+ }
+
+ @Test
+ public void testCachedPrincipalsGroupRemoved() throws Exception {
+ testGroup.remove();
+ root.commit();
+
+ systemRoot.refresh();
+
+ // b) retrieve principals again (this time from the cache)
+ // principal for 'testGroup' is no longer backed by an user mgt group
+ // verify that this doesn't lead to runtime exceptions
+ Iterable<? extends Principal> principalsAgain = Iterables.filter(pp.getPrincipals(userId), new GroupPredicate());
+ for (Principal p : principalsAgain) {
+ String className = p.getClass().getName();
+ assertEquals("org.apache.jackrabbit.oak.security.user.UserPrincipalProvider$CachedGroupPrincipal", className);
+
+ assertTrue(p instanceof TreeBasedPrincipal);
+ try {
+ ((TreeBasedPrincipal) p).getPath();
+ fail("RepositoryException expected");
+ } catch (RepositoryException e) {
+ // success
+ }
+
+ GroupPrincipal principalGroup = (GroupPrincipal) p;
+ assertFalse(principalGroup.isMember(getTestUser().getPrincipal()));
+
+ Enumeration<? extends Principal> members = principalGroup.members();
+ assertFalse(members.hasMoreElements());
+ }
+ }
+
+ @Test
+ public void testCachedPrincipalsGroupReplacedByUser() throws Exception {
+ String id = testGroup.getID();
+ String pName = testGroup.getPrincipal().getName();
+ testGroup.remove();
+ User u = getUserManager(root).createUser(id, null);
+ root.commit();
+
+ systemRoot.refresh();
+
+ // b) retrieve principals again (this time from the cache)
+ // principal for 'testGroup' is no longer backed by an user mgt group
+ // verify that this doesn't lead to runtime exceptions
+ Iterable<? extends Principal> principalsAgain = Iterables.filter(pp.getPrincipals(userId), new GroupPredicate());
+ for (Principal p : principalsAgain) {
+ String className = p.getClass().getName();
+ assertEquals("org.apache.jackrabbit.oak.security.user.UserPrincipalProvider$CachedGroupPrincipal", className);
+ assertTrue(p instanceof TreeBasedPrincipal);
+ try {
+ ((TreeBasedPrincipal) p).getPath();
+ fail("RepositoryException expected");
+ } catch (RepositoryException e) {
+ // success
+ }
+ }
+ }
+
+ @Test(expected = RepositoryException.class)
+ public void testGetOakPathFails() throws Exception {
+ PrincipalProvider provider = new UserPrincipalProvider(systemRoot, getUserConfiguration(), new NamePathMapper.Default() {
+ @Override
+ public String getOakPath(String jcrPath) {
+ return null;
+ }
+ });
+
+ // a) initiate cache
+ provider.getPrincipals(userId);
+
+ // b) retrieve principals again (this time from the cache)
+ // principal for 'testGroup' is no longer backed by an user mgt group
+ // verify that this doesn't lead to runtime exceptions
+ Iterable<? extends Principal> principalsAgain = Iterables.filter(provider.getPrincipals(userId), new GroupPredicate());
+ for (Principal p : principalsAgain) {
+ String className = p.getClass().getName();
+ assertEquals("org.apache.jackrabbit.oak.security.user.UserPrincipalProvider$CachedGroupPrincipal", className);
+ assertTrue(p instanceof TreeBasedPrincipal);
+ // accessing oak-path must fail
+ ((TreeBasedPrincipal) p).getOakPath();
+ }
+ }
+
+ //--------------------------------------------------------------------------
+
+ private static final class GroupPredicate implements Predicate<Principal> {
+ @Override
+ public boolean apply(@Nullable Principal input) {
+ return (input instanceof GroupPrincipal) && !EveryonePrincipal.getInstance().equals(input);
+ }
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/CachedGroupPrincipalTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/EveryoneGroupTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/EveryoneGroupTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/EveryoneGroupTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/EveryoneGroupTest.java Tue Sep 29 15:59:10 2020
@@ -51,7 +51,7 @@ public class EveryoneGroupTest extends A
UserManager userMgr = getUserManager(root);
everyoneGroup = userMgr.createGroup(EveryonePrincipal.getInstance());
- authorizables = new HashSet<Authorizable>(2);
+ authorizables = new HashSet<>(2);
authorizables.add(userMgr.createGroup("testGroup"));
authorizables.add(userMgr.createUser("testUser", "pw"));
root.commit();
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java Tue Sep 29 15:59:10 2020
@@ -92,6 +92,11 @@ public class ImpersonationImplEmptyTest
return adminUser.getPrincipal();
}
+ @NotNull
+ static Subject createSubject(@NotNull Principal... principals) {
+ return new Subject(true, ImmutableSet.copyOf(principals), ImmutableSet.of(), ImmutableSet.of());
+ }
+
@Test
public void testGetImpersonators() throws Exception {
assertFalse(impersonation.getImpersonators().hasNext());
@@ -116,12 +121,7 @@ public class ImpersonationImplEmptyTest
@Test
public void testGrantAdminPrincipal() throws Exception {
- assertFalse(impersonation.grantImpersonation(new AdminPrincipal() {
- @Override
- public String getName() {
- return "name";
- }
- }));
+ assertFalse(impersonation.grantImpersonation((AdminPrincipal) () -> "name"));
}
@Test
@@ -205,6 +205,11 @@ public class ImpersonationImplEmptyTest
}
@Test
+ public void testAllowsAdminPrincipal3() throws Exception {
+ assertTrue(impersonation.allows(createSubject(new PrincipalImpl(getAdminPrincipal().getName()))));
+ }
+
+ @Test
public void testAllowsSystemPrincipal() {
assertFalse(impersonation.allows(createSubject(SystemPrincipal.INSTANCE)));
}
@@ -213,9 +218,4 @@ public class ImpersonationImplEmptyTest
public void testAllowsNonExistingPrincipal() {
assertFalse(impersonation.allows(createSubject(new PrincipalImpl("nonExisting"))));
}
-
- @NotNull
- private static Subject createSubject(@NotNull Principal... principals) {
- return new Subject(true, ImmutableSet.copyOf(principals), ImmutableSet.of(), ImmutableSet.of());
- }
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplTest.java Tue Sep 29 15:59:10 2020
@@ -19,23 +19,29 @@ package org.apache.jackrabbit.oak.securi
import java.security.Principal;
import java.util.Set;
import java.util.UUID;
+import javax.jcr.RepositoryException;
import javax.security.auth.Subject;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterators;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
+import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.when;
public class ImpersonationImplTest extends ImpersonationImplEmptyTest {
@@ -89,25 +95,65 @@ public class ImpersonationImplTest exten
@Test
public void testAllows() throws Exception {
- Subject s = new Subject(true, ImmutableSet.of(impersonator.getPrincipal()), ImmutableSet.of(), ImmutableSet.of());
- assertTrue(impersonation.allows(s));
+ assertTrue(impersonation.allows(createSubject(impersonator.getPrincipal())));
+ }
+
+ @Test
+ public void testAllowsIncludingGroup() throws Exception {
+ Group gr = getUserManager(root).createGroup("gId");
+ assertTrue(impersonation.allows(createSubject(impersonator.getPrincipal(), gr.getPrincipal())));
+ }
+
+ @Test
+ public void testAllowsExistingGroup() throws Exception {
+ Group gr = getUserManager(root).createGroup("gId");
+ try {
+ root.commit();
+ assertFalse(impersonation.allows(createSubject(new PrincipalImpl(gr.getPrincipal().getName()))));
+ } finally {
+ gr.remove();
+ root.commit();
+ }
}
@Test
public void testAllowsIncludingNonExistingGroup() throws Exception {
- Subject s = new Subject(true, ImmutableSet.of(impersonator.getPrincipal(), groupPrincipal), ImmutableSet.of(), ImmutableSet.of());
- assertTrue(impersonation.allows(s));
+ assertTrue(impersonation.allows(createSubject(impersonator.getPrincipal(), groupPrincipal)));
}
@Test
public void testAllowsImpersonatorRemoved() throws Exception {
- Subject s = new Subject(true, ImmutableSet.of(impersonator.getPrincipal()), ImmutableSet.of(), ImmutableSet.of());
-
+ Subject s = createSubject(impersonator.getPrincipal());
impersonator.remove();
assertTrue(impersonation.allows(s));
}
@Test
+ public void testAllowsNonExistingUser() {
+ assertFalse(impersonation.allows(createSubject(new PrincipalImpl("nonExisting"))));
+ }
+
+ @Test
+ public void testAllowsUserLookupFails() throws Exception {
+ Principal nonExisting = new PrincipalImpl("nonExisting");
+ UserManagerImpl uMgr = spy((UserManagerImpl) getUserManager(root));
+ when(uMgr.getAuthorizable(nonExisting)).thenThrow(new RepositoryException());
+
+ ImpersonationImpl imp = new ImpersonationImpl(new UserImpl(user.getID(), user.getTree(), uMgr));
+ assertFalse(imp.allows(createSubject(nonExisting)));
+ }
+
+ @Test
+ public void testGrantImpersonationUserLookupFails() throws Exception {
+ Principal nonExisting = new TreeBasedPrincipal("nonExisting", user.getTree(), getNamePathMapper());
+ UserManagerImpl uMgr = spy((UserManagerImpl) getUserManager(root));
+ when(uMgr.getAuthorizable(nonExisting)).thenThrow(new RepositoryException());
+
+ ImpersonationImpl imp = new ImpersonationImpl(new UserImpl(user.getID(), user.getTree(), uMgr));
+ assertFalse(imp.grantImpersonation(nonExisting));
+ }
+
+ @Test
public void testRevoke() throws Exception {
assertTrue(impersonation.revokeImpersonation(impersonator.getPrincipal()));
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/IntermediatePathTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/IntermediatePathTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/IntermediatePathTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/IntermediatePathTest.java Tue Sep 29 15:59:10 2020
@@ -36,6 +36,7 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
@@ -76,14 +77,14 @@ public class IntermediatePathTest extend
@Test
public void testUserEmptyPath() throws Exception {
Authorizable authorizable = createAuthorizable(false, "");
- assertFalse(UserConstants.DEFAULT_USER_PATH.equals(PathUtils.getAncestorPath(authorizable.getPath(), 1)));
+ assertNotEquals(UserConstants.DEFAULT_USER_PATH, PathUtils.getAncestorPath(authorizable.getPath(), 1));
assertTrue(authorizable.getPath().startsWith(UserConstants.DEFAULT_USER_PATH));
}
@Test
public void testGroupEmptyPath() throws Exception {
Authorizable authorizable = createAuthorizable(true, "");
- assertFalse(UserConstants.DEFAULT_GROUP_PATH.equals(PathUtils.getAncestorPath(authorizable.getPath(), 1)));
+ assertNotEquals(UserConstants.DEFAULT_GROUP_PATH, PathUtils.getAncestorPath(authorizable.getPath(), 1));
assertTrue(authorizable.getPath().startsWith(UserConstants.DEFAULT_GROUP_PATH));
}
@@ -114,14 +115,14 @@ public class IntermediatePathTest extend
@Test
public void testUserRootPath() throws Exception {
Authorizable authorizable = createAuthorizable(false, UserConstants.DEFAULT_USER_PATH);
- assertFalse(UserConstants.DEFAULT_USER_PATH.equals(PathUtils.getAncestorPath(authorizable.getPath(), 1)));
+ assertNotEquals(UserConstants.DEFAULT_USER_PATH, PathUtils.getAncestorPath(authorizable.getPath(), 1));
assertTrue(authorizable.getPath().startsWith(UserConstants.DEFAULT_USER_PATH));
}
@Test
public void testGroupRootPath() throws Exception {
Authorizable authorizable = createAuthorizable(true, UserConstants.DEFAULT_GROUP_PATH);
- assertFalse(UserConstants.DEFAULT_GROUP_PATH.equals(PathUtils.getAncestorPath(authorizable.getPath(), 1)));
+ assertNotEquals(UserConstants.DEFAULT_GROUP_PATH, PathUtils.getAncestorPath(authorizable.getPath(), 1));
assertTrue(authorizable.getPath().startsWith(UserConstants.DEFAULT_GROUP_PATH));
}
@@ -185,7 +186,7 @@ public class IntermediatePathTest extend
List<String> invalidPaths = ImmutableList.of("..", "../..", "../../..", "../../../testNode","a/b/../../../c");
for (String relPath : invalidPaths) {
try {
- Authorizable authorizable = createAuthorizable(false, relPath);
+ createAuthorizable(false, relPath);
// NOTE: requires commit to detect the violation
root.commit();
fail("Invalid path " + relPath + " outside of configured scope.");
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipBaseTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipBaseTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipBaseTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipBaseTest.java Tue Sep 29 15:59:10 2020
@@ -55,8 +55,8 @@ public abstract class MembershipBaseTest
UserManagerImpl userMgr;
MembershipProvider mp;
- private Set<String> testUsers = new HashSet<String>();
- private Set<String> testGroups = new HashSet<String>();
+ private Set<String> testUsers = new HashSet<>();
+ private Set<String> testGroups = new HashSet<>();
@Before
public void before() throws Exception {
@@ -104,7 +104,7 @@ public abstract class MembershipBaseTest
@NotNull
List<String> createMembers(@NotNull Group g, int cnt) throws Exception {
- List<String> memberPaths = new ArrayList();
+ List<String> memberPaths = new ArrayList<>();
for (int i = 0; i <= cnt; i++) {
User u = createUser();
Group gr = createGroup();
@@ -141,12 +141,12 @@ public abstract class MembershipBaseTest
}
@NotNull
- Tree getTree(@NotNull String path) throws Exception {
+ Tree getTree(@NotNull String path) {
return root.getTree(path);
}
static void assertMembers(Group grp, Set<String> ms) throws RepositoryException {
- Set<String> members = new HashSet<String>(ms);
+ Set<String> members = new HashSet<>(ms);
Iterator<Authorizable> iter = grp.getMembers();
while (iter.hasNext()) {
Authorizable member = iter.next();
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipProviderTest.java Tue Sep 29 15:59:10 2020
@@ -22,11 +22,12 @@ import com.google.common.collect.Sets;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
-import org.apache.jackrabbit.oak.util.NodeUtil;
import org.junit.Before;
import org.junit.Test;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -63,11 +64,10 @@ public class MembershipProviderTest exte
Group member2 = createGroup();
gr.addMembers(member.getID(), member2.getID());
- Map m = Maps.newHashMap();
+ Map<String, String> m = Maps.newHashMap();
m.put(getContentID(member.getID()), member.getID());
m.put(getContentID(member2.getID()), member2.getID());
-
Set<String> failed = mp.removeMembers(getTree(gr), m);
assertTrue(failed.isEmpty());
}
@@ -106,7 +106,7 @@ public class MembershipProviderTest exte
List<String> memberPaths = createMembers(grp, NUM_USERS);
root.commit();
- Map<String, String> m = new HashMap();
+ Map<String, String> m = new HashMap<>();
for (String path : memberPaths) {
Tree memberTree = root.getTree(path);
String memberId = TreeUtil.getString(memberTree, REP_AUTHORIZABLE_ID);
@@ -167,8 +167,8 @@ public class MembershipProviderTest exte
Tree grTree = getTree(createGroup());
Tree memberTree = getTree(createUser());
- NodeUtil memberList = new NodeUtil(grTree).addChild(REP_MEMBERS_LIST, NT_REP_MEMBER_REFERENCES_LIST);
- memberList.addChild("member1", NT_REP_MEMBER_REFERENCES).setStrings(REP_MEMBERS, getContentID(memberTree));
+ Tree memberList = TreeUtil.addChild(grTree, REP_MEMBERS_LIST, NT_REP_MEMBER_REFERENCES_LIST);
+ TreeUtil.addChild(memberList, "member1", NT_REP_MEMBER_REFERENCES).setProperty(REP_MEMBERS, Collections.singleton(getContentID(memberTree)), Type.STRINGS);
assertTrue(mp.isDeclaredMember(grTree, memberTree));
}
@@ -178,8 +178,8 @@ public class MembershipProviderTest exte
Tree grTree = getTree(createGroup());
Tree memberTree = getTree(createUser());
- NodeUtil memberList = new NodeUtil(grTree).addChild(REP_MEMBERS_LIST, NT_REP_MEMBER_REFERENCES_LIST);
- memberList.addChild("member1", NT_REP_MEMBER_REFERENCES).setStrings(REP_MEMBERS, getContentID("another"));
+ Tree memberList = TreeUtil.addChild(grTree, REP_MEMBERS_LIST, NT_REP_MEMBER_REFERENCES_LIST);
+ TreeUtil.addChild(memberList, "member1", NT_REP_MEMBER_REFERENCES).setProperty(REP_MEMBERS, Collections.singleton(getContentID("another")), Type.STRINGS);
assertFalse(mp.isDeclaredMember(grTree, memberTree));
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipTest.java Tue Sep 29 15:59:10 2020
@@ -53,7 +53,7 @@ public class MembershipTest extends Memb
@Test
public void testManyMemberships() throws Exception {
- Set<String> memberships = new HashSet<String>();
+ Set<String> memberships = new HashSet<>();
User usr = createUser();
for (int i = 0; i < MANY_USERS; i++) {
Group grp = createGroup();
@@ -72,8 +72,8 @@ public class MembershipTest extends Memb
@Test
public void testNestedMembers() throws Exception {
- Set<String> members = new HashSet<String>();
- Set<String> declaredMembers = new HashSet<String>();
+ Set<String> members = new HashSet<>();
+ Set<String> declaredMembers = new HashSet<>();
Group grp = createGroup();
for (int i = 0; i < 10; i++) {
Group g1 = createGroup();
@@ -105,7 +105,7 @@ public class MembershipTest extends Memb
@Test
public void testNestedMemberships() throws Exception {
- Set<String> memberships = new HashSet<String>();
+ Set<String> memberships = new HashSet<>();
User user = createUser();
Group grp = createGroup();
memberships.add(grp.getID());
@@ -132,7 +132,7 @@ public class MembershipTest extends Memb
@Test
public void testAddMembersAgain() throws Exception {
- Set<String> members = new HashSet<String>();
+ Set<String> members = new HashSet<>();
Group grp = createGroup();
for (int i = 0; i < MANY_USERS; i++) {
User usr = createUser();
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipWriterTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipWriterTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipWriterTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/MembershipWriterTest.java Tue Sep 29 15:59:10 2020
@@ -60,7 +60,7 @@ public class MembershipWriterTest extend
writer.setMembershipSizeThreshold(SIZE_TH);
}
- private static void assertContentStructure(@NotNull Tree groupTree, int memberCnt) {
+ private static void assertContentStructure(@NotNull Tree groupTree) {
assertEquals(
"rep:members property must have correct number of references",
SIZE_TH,
@@ -81,7 +81,7 @@ public class MembershipWriterTest extend
assertEquals(
"rep:memberList must have correct number of child nodes.",
- (memberCnt / SIZE_TH) - 1,
+ (MembershipBaseTest.NUM_USERS / SIZE_TH) - 1,
membersList.getChildrenCount(Long.MAX_VALUE)
);
}
@@ -95,18 +95,18 @@ public class MembershipWriterTest extend
root.commit();
// check storage structure
- assertContentStructure(getTree(grp), NUM_USERS);
+ assertContentStructure(getTree(grp));
}
@Test
public void testAddMembersExceedThreshold() throws Exception {
Group grp = createGroup();
- Map idMap = createIdMap(0, NUM_USERS);
+ Map<String, String> idMap = createIdMap(0, NUM_USERS);
writer.addMembers(getTree(grp), idMap);
root.commit();
// check storage structure
- assertContentStructure(getTree(grp), NUM_USERS);
+ assertContentStructure(getTree(grp));
}
@Test
@@ -179,7 +179,7 @@ public class MembershipWriterTest extend
List<String> memberPaths = createMembers(grp, NUM_USERS);
root.commit();
- Map<String, String> m = new HashMap();
+ Map<String, String> m = new HashMap<>();
for (String path : memberPaths) {
Tree memberTree = root.getTree(path);
String memberId = TreeUtil.getString(memberTree, REP_AUTHORIZABLE_ID);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryAdminTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryAdminTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryAdminTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryAdminTest.java Tue Sep 29 15:59:10 2020
@@ -16,14 +16,6 @@
*/
package org.apache.jackrabbit.oak.security.user;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-import javax.jcr.NoSuchWorkspaceException;
-import javax.jcr.SimpleCredentials;
-import javax.security.auth.Subject;
-import javax.security.auth.login.CredentialExpiredException;
-import javax.security.auth.login.LoginException;
-
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.ContentRepository;
@@ -43,6 +35,13 @@ import org.jetbrains.annotations.NotNull
import org.junit.Before;
import org.junit.Test;
+import javax.jcr.SimpleCredentials;
+import javax.security.auth.Subject;
+import javax.security.auth.login.CredentialExpiredException;
+import javax.security.auth.login.LoginException;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
@@ -72,14 +71,9 @@ public class PasswordExpiryAdminTest ext
@NotNull
@Override
- protected ContentSession createAdminSession(@NotNull ContentRepository repository) throws LoginException, NoSuchWorkspaceException {
+ protected ContentSession createAdminSession(@NotNull ContentRepository repository) {
try {
- return Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction<ContentSession>() {
- @Override
- public ContentSession run() throws NoSuchWorkspaceException, LoginException {
- return repository.login(null, null);
- }
- });
+ return Subject.doAs(SystemSubject.INSTANCE, (PrivilegedExceptionAction<ContentSession>) () -> repository.login(null, null));
} catch (PrivilegedActionException e) {
throw new RuntimeException(e);
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryHistoryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryHistoryTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryHistoryTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordExpiryHistoryTest.java Tue Sep 29 15:59:10 2020
@@ -60,13 +60,7 @@ public class PasswordExpiryHistoryTest e
pwAction.init(null, ConfigurationParameters.of(
PasswordValidationAction.CONSTRAINT, "^.*(?=.{4,}).*"
));
- final AuthorizableActionProvider actionProvider = new AuthorizableActionProvider() {
- @NotNull
- @Override
- public List<? extends AuthorizableAction> getAuthorizableActions(@NotNull SecurityProvider securityProvider) {
- return ImmutableList.of(pwAction);
- }
- };
+ final AuthorizableActionProvider actionProvider = securityProvider -> ImmutableList.of(pwAction);
ConfigurationParameters userConfig = ConfigurationParameters.of(
ImmutableMap.of(
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java Tue Sep 29 15:59:10 2020
@@ -31,7 +31,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
-import org.apache.jackrabbit.oak.util.NodeUtil;
import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
import org.jetbrains.annotations.NotNull;
import org.junit.Test;
@@ -295,7 +294,7 @@ public class PasswordHistoryTest extends
@Test
public void testSingleTypeHistoryProperty() throws Exception {
Tree userTree = root.getTree(getTestUser().getPath());
- Tree pwdNode = new NodeUtil(userTree).getOrAddChild(REP_PWD, NT_REP_PASSWORD).getTree();
+ Tree pwdNode = TreeUtil.getOrAddChild(userTree, REP_PWD, NT_REP_PASSWORD);
pwdNode.setProperty(REP_PWD_HISTORY, "singleValuedProperty");
assertFalse(pwdNode.getProperty(REP_PWD_HISTORY).isArray());
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RandomAuthorizableNodeNameTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RandomAuthorizableNodeNameTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RandomAuthorizableNodeNameTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RandomAuthorizableNodeNameTest.java Tue Sep 29 15:59:10 2020
@@ -28,10 +28,12 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.user.AuthorizableNodeName;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.jetbrains.annotations.Nullable;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
public class RandomAuthorizableNodeNameTest extends AbstractSecurityTest {
@@ -59,13 +61,14 @@ public class RandomAuthorizableNodeNameT
return ConfigurationParameters.of(UserConfiguration.NAME, userConfig);
}
- private void assertNodeName(Authorizable authorizable) throws RepositoryException {
+ private void assertNodeName(@Nullable Authorizable authorizable) throws RepositoryException {
+ assertNotNull(authorizable);
assertEquals(id, authorizable.getID());
String path = authorizable.getPath();
Tree tree = root.getTree(path);
- assertFalse(id.equals(tree.getName()));
+ assertNotEquals(id, tree.getName());
assertEquals(RandomAuthorizableNodeName.DEFAULT_LENGTH, tree.getName().length());
}
@@ -75,7 +78,7 @@ public class RandomAuthorizableNodeNameT
String path = authorizable.getPath();
Tree tree = root.getTree(path);
- assertFalse(id.equals(tree.getName()));
+ assertNotEquals(id, tree.getName());
assertEquals(RandomAuthorizableNodeName.DEFAULT_LENGTH, tree.getName().length());
String end = '/' + relPath + '/' + tree.getName();
@@ -86,9 +89,9 @@ public class RandomAuthorizableNodeNameT
public void testGenerateNodeName() {
String nodeName = nameGenerator.generateNodeName(id);
- assertFalse("id".equals(nodeName));
+ assertNotEquals("id", nodeName);
assertEquals(RandomAuthorizableNodeName.DEFAULT_LENGTH, nodeName.length());
- assertFalse(nodeName.equals(nameGenerator.generateNodeName(id)));
+ assertNotEquals(nodeName, nameGenerator.generateNodeName(id));
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/SystemUserImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/SystemUserImplTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/SystemUserImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/SystemUserImplTest.java Tue Sep 29 15:59:10 2020
@@ -39,7 +39,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction;
import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction;
import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider;
-import org.apache.jackrabbit.oak.util.NodeUtil;
import org.jetbrains.annotations.Nullable;
import org.junit.Before;
import org.junit.Test;
@@ -210,10 +209,10 @@ public class SystemUserImplTest extends
String path = null;
try {
Tree t = root.getTree(UserConstants.DEFAULT_USER_PATH);
- NodeUtil systemUserTree = new NodeUtil(t).addChild("systemUser", UserConstants.NT_REP_SYSTEM_USER);
- systemUserTree.setString(UserConstants.REP_PRINCIPAL_NAME, "systemUser");
- systemUserTree.setString(UserConstants.REP_AUTHORIZABLE_ID, "systemUser");
- path = systemUserTree.getTree().getPath();
+ Tree systemUserTree = TreeUtil.addChild(t, "systemUser", UserConstants.NT_REP_SYSTEM_USER);
+ systemUserTree.setProperty(UserConstants.REP_PRINCIPAL_NAME, "systemUser");
+ systemUserTree.setProperty(UserConstants.REP_AUTHORIZABLE_ID, "systemUser");
+ path = systemUserTree.getPath();
root.commit();
fail();
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationFactoryImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationFactoryImplTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationFactoryImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationFactoryImplTest.java Tue Sep 29 15:59:10 2020
@@ -37,7 +37,7 @@ public class UserAuthenticationFactoryIm
}
@Test
- public void testGetAuthentication() throws Exception {
+ public void testGetAuthentication() {
Authentication authentication = factory.getAuthentication(getUserConfiguration(), root, userId);
assertNotNull(authentication);
assertTrue(authentication instanceof UserAuthentication);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationTest.java?rev=1882131&r1=1882130&r2=1882131&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserAuthenticationTest.java Tue Sep 29 15:59:10 2020
@@ -16,19 +16,6 @@
*/
package org.apache.jackrabbit.oak.security.user;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-import javax.jcr.Credentials;
-import javax.jcr.GuestCredentials;
-import javax.jcr.RepositoryException;
-import javax.jcr.SimpleCredentials;
-import javax.security.auth.login.AccountLockedException;
-import javax.security.auth.login.AccountNotFoundException;
-import javax.security.auth.login.FailedLoginException;
-import javax.security.auth.login.LoginException;
-
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
@@ -47,6 +34,17 @@ import org.junit.Before;
import org.junit.Test;
import org.mockito.internal.stubbing.answers.ThrowsException;
+import javax.jcr.Credentials;
+import javax.jcr.GuestCredentials;
+import javax.jcr.RepositoryException;
+import javax.jcr.SimpleCredentials;
+import javax.security.auth.login.AccountLockedException;
+import javax.security.auth.login.AccountNotFoundException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import java.util.ArrayList;
+import java.util.List;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotEquals;
@@ -80,7 +78,7 @@ public class UserAuthenticationTest exte
@Test
public void testAuthenticateInvalidCredentials() throws Exception {
- List<Credentials> invalid = new ArrayList<Credentials>();
+ List<Credentials> invalid = new ArrayList<>();
invalid.add(new TokenCredentials("token"));
invalid.add(new Credentials() {});
@@ -132,7 +130,7 @@ public class UserAuthenticationTest exte
@Test
public void testAuthenticateInvalidSimpleCredentials() {
- List<Credentials> invalid = new ArrayList<Credentials>();
+ List<Credentials> invalid = new ArrayList<>();
invalid.add(new SimpleCredentials(userId, "wrongPw".toCharArray()));
invalid.add(new SimpleCredentials(userId, "".toCharArray()));
invalid.add(new SimpleCredentials("unknownUser", "pw".toCharArray()));
@@ -160,11 +158,11 @@ public class UserAuthenticationTest exte
@Test
public void testAuthenticateInvalidImpersonationCredentials() {
- List<Credentials> invalid = new ArrayList<Credentials>();
+ List<Credentials> invalid = new ArrayList<>();
invalid.add(new ImpersonationCredentials(new GuestCredentials(), adminSession.getAuthInfo()));
- invalid.add(new ImpersonationCredentials(new SimpleCredentials(adminSession.getAuthInfo().getUserID(), new char[0]), new TestAuthInfo()));
+ invalid.add(new ImpersonationCredentials(new SimpleCredentials(adminSession.getAuthInfo().getUserID(), new char[0]), mockAuthInfo(userId)));
invalid.add(new ImpersonationCredentials(new SimpleCredentials("unknown", new char[0]), adminSession.getAuthInfo()));
- invalid.add(new ImpersonationCredentials(new SimpleCredentials("unknown", new char[0]), new TestAuthInfo()));
+ invalid.add(new ImpersonationCredentials(new SimpleCredentials("unknown", new char[0]), mockAuthInfo(userId)));
for (Credentials creds : invalid) {
try {
@@ -186,7 +184,7 @@ public class UserAuthenticationTest exte
@Test
public void testAuthenticateImpersonationCredentials2() throws Exception {
SimpleCredentials sc = new SimpleCredentials(userId, new char[0]);
- assertTrue(authentication.authenticate(new ImpersonationCredentials(sc, new TestAuthInfo())));
+ assertTrue(authentication.authenticate(new ImpersonationCredentials(sc, mockAuthInfo(userId))));
}
@Test
@@ -244,25 +242,10 @@ public class UserAuthenticationTest exte
//--------------------------------------------------------------------------
- private final class TestAuthInfo implements AuthInfo {
-
- @Override
- public String getUserID() {
- return userId;
- }
- @NotNull
- @Override
- public String[] getAttributeNames() {
- return new String[0];
- }
- @Override
- public Object getAttribute(String attributeName) {
- return null;
- }
- @NotNull
- @Override
- public Set<Principal> getPrincipals() {
- return null;
- }
+ private static AuthInfo mockAuthInfo(@NotNull String uid) {
+ AuthInfo ai = mock(AuthInfo.class);
+ when(ai.getUserID()).thenReturn(uid);
+ when(ai.getAttributeNames()).thenReturn(new String[0]);
+ return ai;
}
}
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplOSGiTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplOSGiTest.java?rev=1882131&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplOSGiTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplOSGiTest.java Tue Sep 29 15:59:10 2020
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import com.google.common.collect.ImmutableMap;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.api.blob.BlobAccessProvider;
+import org.apache.jackrabbit.oak.plugins.value.jcr.PartialValueFactory;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardAware;
+import org.apache.sling.testing.mock.osgi.junit.OsgiContext;
+import org.junit.Rule;
+import org.junit.Test;
+import org.osgi.framework.ServiceRegistration;
+
+import java.lang.reflect.Field;
+import java.util.Hashtable;
+
+import static org.apache.jackrabbit.oak.spi.security.user.UserConstants.PARAM_DEFAULT_DEPTH;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.withSettings;
+
+public class UserConfigurationImplOSGiTest extends AbstractSecurityTest {
+
+ @Rule
+ public final OsgiContext context = new OsgiContext();
+
+ @Test
+ public void testActivate() {
+ UserConfiguration userConfiguration = new UserConfigurationImpl(getSecurityProvider());
+ context.registerInjectActivateService(userConfiguration, ImmutableMap.of(PARAM_DEFAULT_DEPTH, "8"));
+
+ ConfigurationParameters params = userConfiguration.getParameters();
+ assertEquals(8, params.getConfigValue(PARAM_DEFAULT_DEPTH, UserConstants.DEFAULT_DEPTH).intValue());
+ }
+
+ @Test
+ public void testBlobAccessProviderFromNullWhiteboard() throws Exception {
+ SecurityProvider sp = mock(SecurityProvider.class, withSettings().extraInterfaces(WhiteboardAware.class));
+
+ UserConfigurationImpl uc = new UserConfigurationImpl(sp);
+ uc.setParameters(ConfigurationParameters.EMPTY);
+ uc.setRootProvider(getRootProvider());
+ uc.setTreeProvider(getTreeProvider());
+
+ when(sp.getConfiguration(UserConfiguration.class)).thenReturn(uc);
+
+ UserManager um = uc.getUserManager(root, getNamePathMapper());
+ assertTrue(um instanceof UserManagerImpl);
+
+ PartialValueFactory vf = ((UserManagerImpl) um).getPartialValueFactory();
+ Field f = PartialValueFactory.class.getDeclaredField("blobAccessProvider");
+ f.setAccessible(true);
+ assertSame(PartialValueFactory.DEFAULT_BLOB_ACCESS_PROVIDER, f.get(vf));
+ }
+
+ @Test
+ public void testBindBlobAccessProvider() throws Exception {
+ UserConfigurationImpl uc = new UserConfigurationImpl(getSecurityProvider());
+ context.registerInjectActivateService(uc, ImmutableMap.of(PARAM_DEFAULT_DEPTH, "8"));
+
+ BlobAccessProvider bap = mock(BlobAccessProvider.class);
+ uc.getUserManager(root, getNamePathMapper());
+ Field f = UserConfigurationImpl.class.getDeclaredField("blobAccessProvider");
+ f.setAccessible(true);
+ //Validate default service
+ assertSame(PartialValueFactory.DEFAULT_BLOB_ACCESS_PROVIDER, f.get(uc));
+
+ ServiceRegistration reg = context.bundleContext().registerService(
+ BlobAccessProvider.class.getName(),
+ bap, new Hashtable<String, Object>());
+ //Validate newly registered service
+ assertSame(bap, f.get(uc));
+
+ reg.unregister();
+ //Validate default service after unregistering newly registered service
+ assertSame(PartialValueFactory.DEFAULT_BLOB_ACCESS_PROVIDER, f.get(uc));
+ }
+}
Propchange: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImplOSGiTest.java
------------------------------------------------------------------------------
svn:eol-style = native