You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2012/10/18 13:11:00 UTC
svn commit: r1399580 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/security/
oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/
oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/ oa...
Author: angela
Date: Thu Oct 18 11:10:59 2012
New Revision: 1399580
URL: http://svn.apache.org/viewvc?rev=1399580&view=rev
Log:
OAK-90 : Implement Principal Management (WIP)
OAK-50 : User Management (WIP)
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java Thu Oct 18 11:10:59 2012
@@ -38,9 +38,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.MembershipProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserProvider;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -120,10 +118,7 @@ public class SecurityProviderImpl implem
@Nonnull
@Override
public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper) {
- UserConfiguration userConfiguration = getUserConfiguration();
- UserProvider userProvider = userConfiguration.getUserProvider(root);
- MembershipProvider msProvider = userConfiguration.getMembershipProvider(root);
- return new PrincipalProviderImpl(userProvider, msProvider, namePathMapper);
+ return new PrincipalProviderImpl(root, getUserConfiguration(), namePathMapper);
}
};
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlContextImpl.java Thu Oct 18 11:10:59 2012
@@ -41,11 +41,21 @@ class AccessControlContextImpl implement
@Override
public CompiledPermissions getPermissions() {
Set<Principal> principals = subject.getPrincipals();
- if (principals.contains(AdminPrincipal.INSTANCE)) {
+ if (isAdmin(principals)) {
return AllPermissions.getInstance();
} else {
// TODO: replace with permissions based on ac evaluation
return new CompiledPermissionImpl(principals);
}
}
+
+ //--------------------------------------------------------------------------
+ private static boolean isAdmin(Set<Principal> principals) {
+ for (Principal principal : principals) {
+ if (principal instanceof AdminPrincipal) {
+ return true;
+ }
+ }
+ return false;
+ }
}
Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java?rev=1399580&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/AdminPrincipalImpl.java Thu Oct 18 11:10:59 2012
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.principal;
+
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.namepath.PathMapper;
+import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
+
+/**
+ * AdminPrincipalImpl... TODO
+ */
+public class AdminPrincipalImpl extends TreeBasedPrincipal implements AdminPrincipal {
+
+ public AdminPrincipalImpl(Tree tree, PathMapper pathMapper) {
+ super(tree, pathMapper);
+ }
+
+ public AdminPrincipalImpl(String principalName, Tree tree, PathMapper pathMapper) {
+ super(principalName, tree, pathMapper);
+ }
+}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java Thu Oct 18 11:10:59 2012
@@ -29,14 +29,15 @@ import com.google.common.base.Function;
import com.google.common.base.Predicates;
import com.google.common.collect.Iterators;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.namepath.PathMapper;
-import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
import org.apache.jackrabbit.oak.spi.security.user.MembershipProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.security.user.UserProvider;
import org.slf4j.Logger;
@@ -58,11 +59,11 @@ public class PrincipalProviderImpl imple
private final MembershipProvider membershipProvider;
private final PathMapper pathMapper;
- public PrincipalProviderImpl(UserProvider userProvider,
- MembershipProvider membershipProvider,
+ public PrincipalProviderImpl(Root root,
+ UserConfiguration userConfiguration,
PathMapper pathMapper) {
- this.userProvider = userProvider;
- this.membershipProvider = membershipProvider;
+ this.userProvider = userConfiguration.getUserProvider(root);
+ this.membershipProvider = userConfiguration.getMembershipProvider(root);
this.pathMapper = pathMapper;
}
@@ -99,12 +100,15 @@ public class PrincipalProviderImpl imple
Tree userTree = userProvider.getAuthorizable(userID, AuthorizableType.USER);
if (userTree != null) {
principals = new HashSet<Principal>();
- Principal userPrincipal = new TreeBasedPrincipal(userTree, pathMapper);
- principals.add(userPrincipal);
- principals.addAll(getGroupMembership(userPrincipal));
+ Principal userPrincipal;
if (userProvider.isAdminUser(userTree)) {
- principals.add(AdminPrincipal.INSTANCE);
+ userPrincipal = new AdminPrincipalImpl(userTree, pathMapper);
+ } else {
+ userPrincipal = new TreeBasedPrincipal(userTree, pathMapper);
}
+ principals.add(userPrincipal);
+ principals.addAll(getGroupMembership(userPrincipal));
+
} else {
principals = Collections.emptySet();
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java Thu Oct 18 11:10:59 2012
@@ -285,19 +285,6 @@ abstract class AuthorizableImpl implemen
}
//--------------------------------------------------------------------------
- /**
- * @return The node associated with this authorizable instance.
- * @throws javax.jcr.RepositoryException
- */
- @Nonnull
- Node getNode() throws RepositoryException {
- if (node == null) {
- String jcrPath = userManager.getNamePathMapper().getJcrPath(getTree().getPath());
- node = userManager.getSession().getNode(jcrPath);
- }
- return node;
- }
-
@Nonnull
Tree getTree() {
Tree tree = getUserProvider().getAuthorizable(id);
@@ -347,6 +334,18 @@ abstract class AuthorizableImpl implemen
}
/**
+ * @return The node associated with this authorizable instance.
+ * @throws javax.jcr.RepositoryException
+ */
+ @Nonnull
+ private Node getNode() throws RepositoryException {
+ if (node == null) {
+ node = userManager.getAuthorizableNode(getTree().getPath());
+ }
+ return node;
+ }
+
+ /**
* Returns true if the given property of the authorizable node is one of the
* non-protected properties defined by the rep:Authorizable node type or a
* some other descendant of the authorizable node.
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java Thu Oct 18 11:10:59 2012
@@ -204,7 +204,7 @@ class ImpersonationImpl implements Imper
}
private boolean isAdmin(Principal principal) {
- if (principal == AdminPrincipal.INSTANCE) {
+ if (principal instanceof AdminPrincipal) {
return true;
} else if (principal instanceof Group) {
return false;
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImpl.java Thu Oct 18 11:10:59 2012
@@ -24,9 +24,10 @@ import javax.jcr.UnsupportedRepositoryOp
import org.apache.jackrabbit.api.security.user.Impersonation;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.security.principal.AdminPrincipalImpl;
import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
-import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
+import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -40,8 +41,11 @@ class UserImpl extends AuthorizableImpl
*/
private static final Logger log = LoggerFactory.getLogger(UserImpl.class);
+ private final boolean isAdmin;
+
UserImpl(String id, Tree tree, UserManagerImpl userManager) throws RepositoryException {
super(id, tree, userManager);
+ isAdmin = userManager.getUserProvider().isAdminUser(tree);
}
void checkValidTree(Tree tree) throws RepositoryException {
@@ -66,7 +70,11 @@ class UserImpl extends AuthorizableImpl
public Principal getPrincipal() throws RepositoryException {
Tree userTree = getTree();
String principalName = getUserProvider().getPrincipalName(userTree);
- return new TreeBasedPrincipal(principalName, userTree, getUserManager().getNamePathMapper());
+ if (isAdmin()) {
+ return new AdminPrincipalImpl(principalName, userTree, getUserManager().getNamePathMapper());
+ } else {
+ return new TreeBasedPrincipal(principalName, userTree, getUserManager().getNamePathMapper());
+ }
}
//---------------------------------------------------------------< User >---
@@ -75,7 +83,7 @@ class UserImpl extends AuthorizableImpl
*/
@Override
public boolean isAdmin() {
- return getUserProvider().isAdminUser(getTree());
+ return isAdmin;
}
/**
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java Thu Oct 18 11:10:59 2012
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.securi
import java.security.Principal;
import java.util.Iterator;
import javax.annotation.CheckForNull;
+import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.UnsupportedRepositoryOperationException;
@@ -239,7 +240,7 @@ public class UserManagerImpl implements
*/
void onCreate(User user, String password) throws RepositoryException {
for (AuthorizableAction action : getAuthorizableActions()) {
- action.onCreate(user, password, getSession());
+ action.onCreate(user, password, session);
}
}
@@ -253,7 +254,7 @@ public class UserManagerImpl implements
*/
void onCreate(Group group) throws RepositoryException {
for (AuthorizableAction action : getAuthorizableActions()) {
- action.onCreate(group, getSession());
+ action.onCreate(group, session);
}
}
@@ -267,7 +268,7 @@ public class UserManagerImpl implements
*/
void onRemove(Authorizable authorizable) throws RepositoryException {
for (AuthorizableAction action : getAuthorizableActions()) {
- action.onRemove(authorizable, getSession());
+ action.onRemove(authorizable, session);
}
}
@@ -282,7 +283,7 @@ public class UserManagerImpl implements
*/
void onPasswordChange(User user, String password) throws RepositoryException {
for (AuthorizableAction action : getAuthorizableActions()) {
- action.onPasswordChange(user, password, getSession());
+ action.onPasswordChange(user, password, session);
}
}
@@ -292,8 +293,9 @@ public class UserManagerImpl implements
//--------------------------------------------------------------------------
- Session getSession() {
- return session;
+ Node getAuthorizableNode(String oakPath) throws RepositoryException {
+ String jcrPath = getNamePathMapper().getJcrPath(oakPath);
+ return session.getNode(jcrPath);
}
NamePathMapper getNamePathMapper() {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java Thu Oct 18 11:10:59 2012
@@ -24,23 +24,6 @@ import java.security.Principal;
* special (admin) access permissions. It may be used as the single or as
* additional non-group principal.
*/
-public final class AdminPrincipal implements Principal {
+public interface AdminPrincipal extends Principal {
- public static final String NAME = "administrator";
-
- public static final Principal INSTANCE = new AdminPrincipal();
-
- private AdminPrincipal() { }
-
- //----------------------------------------------------------< Principal >---
- @Override
- public String getName() {
- return NAME;
- }
-
- //-------------------------------------------------------------< Object >---
- @Override
- public String toString() {
- return NAME + " principal";
- }
}
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java?rev=1399580&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java Thu Oct 18 11:10:59 2012
@@ -0,0 +1,81 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.principal;
+
+import java.security.Principal;
+import java.util.Set;
+
+import org.apache.jackrabbit.oak.AbstractOakTest;
+import org.apache.jackrabbit.oak.Oak;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexHook;
+import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.junit.Before;
+import org.junit.Test;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+/**
+ * PrincipalProviderImplTest...
+ */
+public class PrincipalProviderImplTest extends AbstractOakTest {
+
+ private SecurityProvider securityProvider = new SecurityProviderImpl();
+ private ContentSession admin;
+ private PrincipalProviderImpl principalProvider;
+
+ @Before
+ public void before() throws Exception {
+ super.before();
+
+ admin = createAdminSession();
+ Root root = admin.getLatestRoot();
+ principalProvider = new PrincipalProviderImpl(root, securityProvider.getUserConfiguration(), NamePathMapper.DEFAULT);
+ }
+
+ @Override
+ protected ContentRepository createRepository() {
+ return new Oak(createMicroKernelWithInitialContent()).with(new PropertyIndexHook()).with(securityProvider).createContentRepository();
+ }
+
+ @Test
+ public void testGetPrincipals() throws Exception {
+ String adminId = admin.getAuthInfo().getUserID();
+ Set<? extends Principal> principals = principalProvider.getPrincipals(adminId);
+
+ assertNotNull(principals);
+ assertFalse(principals.isEmpty());
+ assertTrue(principals.contains(EveryonePrincipal.getInstance()));
+
+ boolean containsAdminPrincipal = false;
+ for (Principal principal : principals) {
+ assertNotNull(principalProvider.getPrincipal(principal.getName()));
+ if (principal instanceof AdminPrincipal) {
+ containsAdminPrincipal = true;
+ }
+ }
+ assertTrue(containsAdminPrincipal);
+ }
+}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java?rev=1399580&r1=1399579&r2=1399580&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java Thu Oct 18 11:10:59 2012
@@ -102,7 +102,12 @@ public class ImpersonationTest extends A
public void testAdminPrincipalAsImpersonator() throws RepositoryException, NotExecutableException {
- Principal adminPrincipal = AdminPrincipal.INSTANCE;
+ Principal adminPrincipal = new AdminPrincipal() {
+ @Override
+ public String getName() {
+ return "some-admin-name";
+ }
+ };
// admin cannot be add/remove to set of impersonators of 'u' but is
// always allowed to impersonate that user.