You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/04/09 14:19:48 UTC
svn commit: r1465990 - in
/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization:
AbstractEvaluationTest.java InheritanceTest.java MoveTest.java
NodeTypeManagementTest.java ReadTest.java VersionManagementTest.java
Author: angela
Date: Tue Apr 9 12:19:48 2013
New Revision: 1465990
URL: http://svn.apache.org/r1465990
Log:
OAK-527: permissions (wip)
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java?rev=1465990&r1=1465989&r2=1465990&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java Tue Apr 9 12:19:48 2013
@@ -109,6 +109,10 @@ public abstract class AbstractEvaluation
childchildPPath = ccp1.getPath();
siblingPath = n2.getPath();
+ // setup default permissions
+ AccessControlUtils.addAccessControlEntry(superuser, "/", testUser.getPrincipal(), privilegesFromName(Privilege.JCR_READ), true);
+ superuser.save();
+
testSession = getTestSession();
testAcMgr = getAccessControlManager(testSession);
@@ -174,13 +178,6 @@ public abstract class AbstractEvaluation
return testGroup;
}
- protected Node getTestNode() throws RepositoryException {
- if (trn == null) {
- trn = testSession.getNode(testRootNode.getPath());
- }
- return trn;
- }
-
protected String getActions(String... actions) {
StringBuilder sb = new StringBuilder();
for (String action : actions) {
@@ -215,6 +212,7 @@ public abstract class AbstractEvaluation
acMgr.setPolicy(tmpl.getPath(), tmpl);
superuser.save();
+ testSession.refresh(false);
// remember for clean up during tearDown
toClear.add(tmpl.getPath());
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java?rev=1465990&r1=1465989&r2=1465990&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java Tue Apr 9 12:19:48 2013
@@ -125,6 +125,7 @@ public class InheritanceTest extends Abs
// yet another level in the hierarchy
Node grandChild = superuser.getNode(childNPath).addNode(nodeName3);
superuser.save();
+ testSession.refresh(false);
String gcPath = grandChild.getPath();
// grant write privilege again
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java?rev=1465990&r1=1465989&r2=1465990&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java Tue Apr 9 12:19:48 2013
@@ -37,9 +37,10 @@ public class MoveTest extends AbstractEv
protected void setUp() throws Exception {
super.setUp();
- Node node3 = testRootNode.getNode(childNPath).addNode(nodeName3);
+ Node node3 = superuser.getNode(childNPath).addNode(nodeName3);
nodePath3 = node3.getPath();
superuser.save();
+ testSession.refresh(false);
}
@Test
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java?rev=1465990&r1=1465989&r2=1465990&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java Tue Apr 9 12:19:48 2013
@@ -43,12 +43,13 @@ public class NodeTypeManagementTest exte
protected void setUp() throws Exception {
super.setUp();
- Node child = testRootNode.addNode(nodeName2);
+ Node child = superuser.getNode(childNPath);
if (child.isNodeType(mixReferenceable) || !child.canAddMixin(mixReferenceable)) {
throw new NotExecutableException();
}
superuser.save();
-
+
+ testSession.refresh(false);
mixinName = testSession.getNamespacePrefix(NS_MIX_URI) + ":referenceable";
childNode = testSession.getNode(child.getPath());
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java?rev=1465990&r1=1465989&r2=1465990&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java Tue Apr 9 12:19:48 2013
@@ -33,15 +33,16 @@ import static org.junit.Assert.assertArr
public class ReadTest extends AbstractEvaluationTest {
@Test
- public void testNewNodes() throws Exception {
+ public void testChildNodes() throws Exception {
/* create some new nodes below 'path' */
Node n = superuser.getNode(path);
for (int i = 0; i < 5; i++) {
- n = n.addNode(nodeName2, testNodeType);
+ n = n.addNode(nodeName4, testNodeType);
}
superuser.save();
/* make sure the same privileges/permissions are granted as at path. */
+ testSession.refresh(false);
String childPath = n.getPath();
assertArrayEquals(readPrivileges, testAcMgr.getPrivileges(childPath));
testSession.checkPermission(childPath, Session.ACTION_READ);
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java?rev=1465990&r1=1465989&r2=1465990&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java Tue Apr 9 12:19:48 2013
@@ -53,29 +53,30 @@ public class VersionManagementTest exten
}
private Node createVersionableNode(Node parent) throws Exception {
- Node n = parent.addNode(nodeName1);
+ Node n = (parent.hasNode(nodeName1)) ? parent.getNode(nodeName1) : parent.addNode(nodeName1);
if (n.canAddMixin(mixVersionable)) {
n.addMixin(mixVersionable);
} else {
throw new NotExecutableException();
}
- superuser.save();
+ n.getSession().save();
return n;
}
@Test
public void testAddMixVersionable() throws Exception {
- Node trn = getTestNode();
+ Node trn = testSession.getNode(path);
modify(trn.getPath(), REP_WRITE, true);
modify(trn.getPath(), Privilege.JCR_VERSION_MANAGEMENT, false);
- Node n = trn.addNode(nodeName1);
+
+ Node n = trn.hasNode(nodeName2) ? trn.getNode(nodeName2) : trn.addNode(nodeName2);
try {
if (n.canAddMixin(mixVersionable)) {
n.addMixin(mixVersionable);
} else {
throw new NotExecutableException();
}
- superuser.save();
+ testSession.save();
fail("Test session does not have write permission in the version storage -> adding mixin must fail.");
} catch (AccessDeniedException e) {
// success
@@ -88,7 +89,7 @@ public class VersionManagementTest exten
@Test
public void testAddMixVersionable2() throws Exception {
- Node trn = getTestNode();
+ Node trn = testSession.getNode(path);
modify(trn.getPath(), REP_WRITE, true);
modify(trn.getPath(), Privilege.JCR_NODE_TYPE_MANAGEMENT, true);
modify(trn.getPath(), Privilege.JCR_VERSION_MANAGEMENT, true);
@@ -100,14 +101,14 @@ public class VersionManagementTest exten
@Test
public void testCheckInCheckout() throws Exception {
- Node trn = getTestNode();
- modify(trn.getPath(), REP_WRITE, true);
- modify(trn.getPath(), Privilege.JCR_VERSION_MANAGEMENT, false);
+ modify(path, REP_WRITE, true);
+ modify(path, Privilege.JCR_VERSION_MANAGEMENT, false);
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
try {
- Node n2 = trn.getNode(n.getName());
- n2.checkin();
+ testSession.refresh(false);
+ Node testNode = testSession.getNode(n.getPath());
+ testNode.checkin();
fail("Missing jcr:versionManagement privilege -> checkin/checkout must fail.");
} catch (AccessDeniedException e) {
// success
@@ -124,9 +125,9 @@ public class VersionManagementTest exten
*/
@Test
public void testRemoveVersion() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
- Node trn = getTestNode();
+ Node trn = testSession.getNode(path);
modify(trn.getPath(), Privilege.JCR_VERSION_MANAGEMENT, true);
Node testNode = trn.getNode(n.getName());
@@ -142,9 +143,9 @@ public class VersionManagementTest exten
*/
@Test
public void testRemoveVersion2() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
- Node trn = getTestNode();
+ Node trn = testSession.getNode(path);
modify(trn.getPath(), Privilege.JCR_VERSION_MANAGEMENT, true);
Node testNode = trn.getNode(n.getName());
@@ -167,7 +168,7 @@ public class VersionManagementTest exten
*/
@Test
public void testRemoveVersion3() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
Version v = n.checkin();
n.checkout();
@@ -175,7 +176,7 @@ public class VersionManagementTest exten
allow(SYSTEM, versionPrivileges);
try {
- Node testNode = getTestNode().getNode(n.getName());
+ Node testNode = testSession.getNode(n.getPath());
testNode.getVersionHistory().removeVersion(v.getName());
fail("Missing jcr:versionManagement privilege -> remove a version must fail.");
@@ -199,7 +200,7 @@ public class VersionManagementTest exten
*/
@Test
public void testAccessVersionContentWithoutStoreAccess() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
Version v = n.checkin();
VersionHistory vh = v.getVersionHistory();
n.checkout();
@@ -232,10 +233,10 @@ public class VersionManagementTest exten
*/
@Test
public void testAccessVersionHistory() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
allow(n.getPath(), versionPrivileges);
- Node testNode = getTestNode().getNode(n.getName());
+ Node testNode = testSession.getNode(n.getPath());
testNode.checkin();
testNode.checkout();
@@ -254,11 +255,10 @@ public class VersionManagementTest exten
*/
@Test
public void testAccessVersionHistoryVersionableNodeNotAccessible() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
allow(n.getPath(), versionPrivileges);
- Node trn = getTestNode();
- Node testNode = trn.getNode(n.getName());
+ Node testNode = testSession.getNode(n.getPath());
testNode.checkin();
testNode.checkout();
@@ -300,11 +300,10 @@ public class VersionManagementTest exten
*/
@Test
public void testAddVersionLabel() throws Exception {
- Node n = createVersionableNode(testRootNode);
+ Node n = createVersionableNode(superuser.getNode(path));
allow(n.getPath(), versionPrivileges);
- Node trn = getTestNode();
- Node testNode = trn.getNode(n.getName());
+ Node testNode = testSession.getNode(n.getPath());
Version v = testNode.checkin();
testNode.checkout();
Version v2 = testNode.checkin();