You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by tr...@apache.org on 2015/10/12 19:14:35 UTC
svn commit: r1708168 - in /jackrabbit/commons/filevault/trunk/vault-core/src:
main/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImpl.java
test/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImplTest.java
Author: tripod
Date: Mon Oct 12 17:14:34 2015
New Revision: 1708168
URL: http://svn.apache.org/viewvc?rev=1708168&view=rev
Log:
JCRVLT-99 Creating a package using package manager API requires read access to root node
- fixing root access for accessing /etc/packages
Modified:
jackrabbit/commons/filevault/trunk/vault-core/src/main/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImpl.java
jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImplTest.java
Modified: jackrabbit/commons/filevault/trunk/vault-core/src/main/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/commons/filevault/trunk/vault-core/src/main/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImpl.java?rev=1708168&r1=1708167&r2=1708168&view=diff
==============================================================================
--- jackrabbit/commons/filevault/trunk/vault-core/src/main/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImpl.java (original)
+++ jackrabbit/commons/filevault/trunk/vault-core/src/main/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImpl.java Mon Oct 12 17:14:34 2015
@@ -80,6 +80,11 @@ public class JcrPackageManagerImpl exten
private final static String[] FOLDER_TYPES = {"sling:Folder", "nt:folder", "nt:unstructured", null};
/**
+ * root path for packages
+ */
+ private final static String PACKAGE_ROOT_PATH = "/etc/packages";
+
+ /**
* internal session
*/
private final Session session;
@@ -434,7 +439,7 @@ public class JcrPackageManagerImpl exten
}
session.save();
- Node newNode = session.getRootNode().getNode(dstPath.substring(1));
+ Node newNode = session.getNode(dstPath);
return open(newNode);
}
@@ -633,40 +638,34 @@ public class JcrPackageManagerImpl exten
* {@inheritDoc}
*/
public Node getPackageRoot(boolean noCreate) throws RepositoryException {
- if (this.packRoot == null) {
- Node packRoot = session.getRootNode();
- if (packRoot.hasNode("etc")) {
- packRoot = packRoot.getNode("etc");
+ if (packRoot == null) {
+ if (session.nodeExists(PACKAGE_ROOT_PATH)) {
+ packRoot = session.getNode(PACKAGE_ROOT_PATH);
+ } else if (noCreate) {
+ return null;
} else {
- if (noCreate) {
- return null;
- }
- if (packRoot.isModified()) {
+ // assert that the session has no pending changes
+ if (session.hasPendingChanges()) {
throw new RepositoryException("Unwilling to create package root folder while session has transient changes.");
}
- packRoot = packRoot.addNode("etc", JcrConstants.NT_FOLDER);
- }
- if (packRoot.hasNode("packages")) {
- packRoot = packRoot.getNode("packages");
- } else {
- if (noCreate) {
- return null;
+ // try to create the missing intermediate nodes
+ String etcPath = Text.getRelativeParent(PACKAGE_ROOT_PATH, 1);
+ Node etc;
+ if (session.nodeExists(etcPath)) {
+ etc = session.getNode(etcPath);
+ } else {
+ etc = session.getRootNode().addNode(Text.getName(etcPath), JcrConstants.NT_FOLDER);
}
- packRoot = packRoot.addNode("packages", JcrConstants.NT_FOLDER);
+ Node pack = etc.addNode(Text.getName(PACKAGE_ROOT_PATH), JcrConstants.NT_FOLDER);
try {
session.save();
- } catch (RepositoryException e) {
- try {
- session.refresh(false);
- } catch (RepositoryException e1) {
- // ignore and re-throw original exception
- }
- throw e;
+ } finally {
+ session.refresh(false);
}
+ packRoot = pack;
}
- this.packRoot = packRoot;
}
- return this.packRoot;
+ return packRoot;
}
/**
Modified: jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImplTest.java?rev=1708168&r1=1708167&r2=1708168&view=diff
==============================================================================
--- jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImplTest.java (original)
+++ jackrabbit/commons/filevault/trunk/vault-core/src/test/java/org/apache/jackrabbit/vault/packaging/impl/JcrPackageManagerImplTest.java Mon Oct 12 17:14:34 2015
@@ -16,26 +16,36 @@
*/
package org.apache.jackrabbit.vault.packaging.impl;
+import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
+import javax.jcr.AccessDeniedException;
import javax.jcr.GuestCredentials;
import javax.jcr.Node;
import javax.jcr.NodeIterator;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import javax.jcr.SimpleCredentials;
+import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlManager;
+import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
+import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.vault.packaging.integration.IntegrationTestBase;
import org.junit.Test;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
- * Testcase for {@link JcrPackageManagerImpl}
+ * Test case for {@link JcrPackageManagerImpl}
*/
public class JcrPackageManagerImplTest extends IntegrationTestBase {
@@ -78,13 +88,105 @@ public class JcrPackageManagerImplTest e
}
}
+ @Test
+ public void testGetPackageRootNoCreate() throws Exception {
+ JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(admin);
+
+ assertNull(jcrPackageManager.getPackageRoot(true));
+ }
+
+ @Test
+ public void testGetPackageRootWithCreate() throws Exception {
+ JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(admin);
+
+ Node packageNode = jcrPackageManager.getPackageRoot(false);
+ assertEquals("/etc/packages", packageNode.getPath());
+ }
+
+ @Test
+ public void testGetPackageRootTwice() throws Exception {
+ JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(admin);
+ Node packageNode = jcrPackageManager.getPackageRoot(false);
+ assertSame(packageNode, jcrPackageManager.getPackageRoot());
+ }
+
+ @Test
+ public void testGetPackageRootWithAdminPendingChanges() throws Exception {
+ admin.getRootNode().addNode("testNode");
+
+ JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(admin);
+ try {
+ jcrPackageManager.getPackageRoot(false);
+ fail("transient modifications must fail the package root creation.");
+ } catch (RepositoryException e) {
+ // success
+ }
+ }
+
+ @Test
+ public void testGetPackageRootNoRootAccess() throws Exception {
+ Node packageRoot = new JcrPackageManagerImpl(admin).getPackageRoot();
+
+ // TODO: maybe rather change the setup of the test-base to not assume that everyone has full read-access
+ AccessControlManager acMgr = admin.getAccessControlManager();
+ JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
+ acMgr.removePolicy(acl.getPath(), acl);
+
+ AccessControlUtils.getAccessControlList(acMgr, "/etc/packages");
+ AccessControlUtils.allow(packageRoot, org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal.NAME, javax.jcr.security.Privilege.JCR_READ);
+
+ admin.save();
+
+ Session anonymous = repository.login(new GuestCredentials());
+ try {
+ assertFalse(anonymous.nodeExists("/"));
+ assertFalse(anonymous.nodeExists("/etc"));
+ assertTrue(anonymous.nodeExists("/etc/packages"));
+
+ JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(anonymous);
+ jcrPackageManager.getPackageRoot(false);
+ } finally {
+ anonymous.logout();
+ }
+ }
+
+ @Test
+ public void testGetPackageRootNoCreateAccess() throws Exception {
+ // TODO: maybe rather change the setup of the test-base to not assume that everyone has full read-access
+ AccessControlManager acMgr = admin.getAccessControlManager();
+ JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
+ for (AccessControlEntry ace : acl.getAccessControlEntries()) {
+ acl.removeAccessControlEntry(ace);
+ }
+ acl.addEntry(AccessControlUtils.getEveryonePrincipal(admin),
+ AccessControlUtils.privilegesFromNames(admin, javax.jcr.security.Privilege.JCR_READ),
+ true,
+ Collections.singletonMap("rep:glob", admin.getValueFactory().createValue("etc/*")));
+ admin.save();
+
+ Session anonymous = repository.login(new GuestCredentials());
+ try {
+ JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(anonymous);
+ assertNull(jcrPackageManager.getPackageRoot(true));
+
+ try {
+ jcrPackageManager.getPackageRoot(false);
+ fail();
+ } catch (AccessDeniedException e) {
+ // success
+ }
+ } finally {
+ anonymous.logout();
+ }
+ }
+
private String getNextPath(String path) throws RepositoryException {
Node currentNode = admin.getNode(path);
if (currentNode.hasNodes()) {
NodeIterator nodes = currentNode.getNodes();
while (nodes.hasNext()) {
Node node = nodes.nextNode();
- if (node.getName().equals("jcr:system")) {
+ if ("jcr:system".equals(node.getName())) {
continue;
}
String nodePath = node.getPath();