You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2011/04/15 16:34:46 UTC
svn commit: r1092723 [2/2] - in /jackrabbit/trunk/jackrabbit-core/src:
main/java/org/apache/jackrabbit/core/security/authorization/
main/java/org/apache/jackrabbit/core/security/authorization/acl/
main/java/org/apache/jackrabbit/core/security/authoriza...
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java Fri Apr 15 14:34:45 2011
@@ -119,9 +119,6 @@ public abstract class AbstractACLTemplat
public boolean isAllow() {
return false;
}
- public int getPrivilegeBits() throws RepositoryException {
- return privilegeMgr.getBits(privilegeMgr.getPrivilege(Privilege.JCR_READ));
- }
public String[] getRestrictionNames() {
return new String[0];
}
@@ -200,16 +197,16 @@ public abstract class AbstractACLTemplat
assertTrue(pt.addEntry(testPrincipal, modProp, false, null));
// test net-effect
- int allows = PrivilegeRegistry.NO_PRIVILEGE;
- int denies = PrivilegeRegistry.NO_PRIVILEGE;
+ PrivilegeBits allows = PrivilegeBits.getInstance();
+ PrivilegeBits denies = PrivilegeBits.getInstance();
AccessControlEntry[] entries = pt.getAccessControlEntries();
for (AccessControlEntry ace : entries) {
if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
- int entryBits = privilegeMgr.getBits(ace.getPrivileges());
+ PrivilegeBits entryBits = privilegeMgr.getBits(ace.getPrivileges());
if (((JackrabbitAccessControlEntry) ace).isAllow()) {
- allows |= Permission.diff(entryBits, denies);
+ allows.addDifference(entryBits, denies);
} else {
- denies |= Permission.diff(entryBits, allows);
+ denies.addDifference(entryBits, allows);
}
}
}
@@ -225,21 +222,21 @@ public abstract class AbstractACLTemplat
assertTrue(pt.addEntry(testPrincipal, privilegesFromName(Privilege.JCR_READ), false, Collections.<String, Value>emptyMap()));
// test net-effect
- int allows = PrivilegeRegistry.NO_PRIVILEGE;
- int denies = PrivilegeRegistry.NO_PRIVILEGE;
+ PrivilegeBits allows = PrivilegeBits.getInstance();
+ PrivilegeBits denies = PrivilegeBits.getInstance();
AccessControlEntry[] entries = pt.getAccessControlEntries();
for (AccessControlEntry ace : entries) {
if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
- int entryBits = privilegeMgr.getBits(ace.getPrivileges());
+ PrivilegeBits entryBits = privilegeMgr.getBits(ace.getPrivileges());
if (((JackrabbitAccessControlEntry) ace).isAllow()) {
- allows |= Permission.diff(entryBits, denies);
+ allows.addDifference(entryBits, denies);
} else {
- denies |= Permission.diff(entryBits, allows);
+ denies.addDifference(entryBits, allows);
}
}
}
- assertEquals(PrivilegeRegistry.NO_PRIVILEGE, allows);
+ assertTrue(allows.isEmpty());
assertEquals(privilegeMgr.getBits(privilegesFromName(Privilege.JCR_READ)), denies);
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java Fri Apr 15 14:34:45 2011
@@ -103,14 +103,14 @@ public abstract class AbstractEntryTest
assertNotNull(privs);
assertEquals(1, privs.length);
assertEquals(privs[0], acMgr.privilegeFromName(Privilege.JCR_READ));
- assertTrue(privMgr.getBits(privs) == privMgr.getBits(entry.getPrivileges()));
+ assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
entry = createEntry(new String[] {PrivilegeRegistry.REP_WRITE}, true);
privs = entry.getPrivileges();
assertNotNull(privs);
assertEquals(1, privs.length);
assertEquals(privs[0], acMgr.privilegeFromName(PrivilegeRegistry.REP_WRITE));
- assertTrue(privMgr.getBits(privs) == privMgr.getBits(entry.getPrivileges()));
+ assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
entry = createEntry(new String[] {Privilege.JCR_ADD_CHILD_NODES,
Privilege.JCR_REMOVE_CHILD_NODES}, true);
@@ -196,14 +196,10 @@ public abstract class AbstractEntryTest
acMgr.privilegeFromName(Privilege.JCR_ALL)
};
- final PrivilegeManagerImpl privMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {
public boolean isAllow() {
return true;
}
- public int getPrivilegeBits() throws AccessControlException {
- return privMgr.getBits(privs);
- }
public String[] getRestrictionNames() {
return new String[0];
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/CustomPrivilegeTest.java Fri Apr 15 14:34:45 2011
@@ -87,17 +87,12 @@ public class CustomPrivilegeTest extends
assertNotNull(p);
- assertEquals(def.isCustom(), pmgr.isCustomPrivilege(p));
assertEquals(def.isAbstract(), p.isAbstract());
Name[] danames = def.getDeclaredAggregateNames();
assertEquals(danames.length > 0, p.isAggregate());
assertEquals(danames.length, p.getDeclaredAggregatePrivileges().length);
}
- private static void assertBits(int expected, PrivilegeRegistry.Definition def, PrivilegeRegistry registry) {
- assertEquals(expected, registry.getBits(new PrivilegeRegistry.Definition[] {def}));
- }
-
private static Set<Name> createNameSet(Name... names) {
Set<Name> set = new HashSet<Name>();
set.addAll(Arrays.asList(names));
@@ -216,14 +211,12 @@ public class CustomPrivilegeTest extends
newAggregates.put(resolver.getQName("jcr:newAggregate"), createNameSet(NameConstants.JCR_READ, resolver.getQName("unknownPrivilege")));
// aggregate containing unknown privilege
newAggregates.put(resolver.getQName("newAggregate"), createNameSet(resolver.getQName("unknownPrivilege")));
- // aggregated combining built-in and custom
- newAggregates.put(resolver.getQName("newAggregate"), createNameSet(NameConstants.JCR_READ, resolver.getQName("unknownPrivilege")));
// custom aggregated contains itself
newAggregates.put(resolver.getQName("newAggregate"), createNameSet(resolver.getQName("newAggregate")));
// same as rep:write
newAggregates.put(resolver.getQName("repWriteAggregate"), createNameSet(NameConstants.JCR_MODIFY_PROPERTIES, NameConstants.JCR_ADD_CHILD_NODES, NameConstants.JCR_NODE_TYPE_MANAGEMENT, NameConstants.JCR_REMOVE_CHILD_NODES,NameConstants.JCR_REMOVE_NODE));
- // aggregating built-in -> currently not supported
- newAggregates.put(resolver.getQName("aggrBuiltIn"), createNameSet(NameConstants.JCR_MODIFY_PROPERTIES, NameConstants.JCR_READ));
+ // aggregated combining built-in and unknown custom
+ newAggregates.put(resolver.getQName("newAggregate"), createNameSet(NameConstants.JCR_READ, resolver.getQName("unknownPrivilege")));
for (Name name : newAggregates.keySet()) {
try {
@@ -238,7 +231,11 @@ public class CustomPrivilegeTest extends
public void testRegisterInvalidNewAggregate2() throws RepositoryException, FileSystemException {
Map<Name, Set<Name>> newCustomPrivs = new LinkedHashMap<Name, Set<Name>>();
newCustomPrivs.put(resolver.getQName("new"), Collections.<Name>emptySet());
- newCustomPrivs.put(resolver.getQName("new2"), Collections.<Name>singleton(resolver.getQName("new")));
+ newCustomPrivs.put(resolver.getQName("new2"), Collections.<Name>emptySet());
+ Set<Name> decl = new HashSet<Name>();
+ decl.add(resolver.getQName("new"));
+ decl.add(resolver.getQName("new2"));
+ newCustomPrivs.put(resolver.getQName("new3"), decl);
for (Name name : newCustomPrivs.keySet()) {
boolean isAbstract = true;
@@ -247,9 +244,7 @@ public class CustomPrivilegeTest extends
}
Map<Name, Set<Name>> newAggregates = new HashMap<Name, Set<Name>>();
- // a new aggregate of custom and built-in privilege
- newAggregates.put(resolver.getQName("newA1"), createNameSet(resolver.getQName("new"), NameConstants.JCR_READ));
- // other illegal aggregates already represented by registered definition.
+ // other illegal aggregates already represented by registered definition.
newAggregates.put(resolver.getQName("newA2"), Collections.<Name>singleton(resolver.getQName("new")));
newAggregates.put(resolver.getQName("newA3"), Collections.<Name>singleton(resolver.getQName("new2")));
@@ -280,7 +275,6 @@ public class CustomPrivilegeTest extends
// validate definition
PrivilegeRegistry.Definition definition = privilegeRegistry.get(name);
assertNotNull(definition);
- assertTrue(definition.isCustom());
assertEquals(name, definition.getName());
assertTrue(definition.isAbstract());
assertTrue(definition.declaredAggregateNames.isEmpty());
@@ -288,7 +282,6 @@ public class CustomPrivilegeTest extends
for (Name n : aggrNames) {
assertTrue(definition.declaredAggregateNames.contains(n));
}
- assertBits(PrivilegeRegistry.NO_PRIVILEGE, definition, privilegeRegistry);
List<Name> allAgg = Arrays.asList(privilegeRegistry.get(NameConstants.JCR_ALL).getDeclaredAggregateNames());
assertTrue(allAgg.contains(name));
@@ -308,6 +301,10 @@ public class CustomPrivilegeTest extends
Map<Name, Set<Name>> newAggregates = new HashMap<Name, Set<Name>>();
// a new aggregate of custom privileges
newAggregates.put(resolver.getQName("newA2"), createNameSet(resolver.getQName("test:new"), resolver.getQName("new")));
+ // a new aggregate of custom and built-in privilege
+ newAggregates.put(resolver.getQName("newA1"), createNameSet(resolver.getQName("new"), NameConstants.JCR_READ));
+ // aggregating built-in privileges
+ newAggregates.put(resolver.getQName("aggrBuiltIn"), createNameSet(NameConstants.JCR_MODIFY_PROPERTIES, NameConstants.JCR_READ));
for (Name name : newAggregates.keySet()) {
boolean isAbstract = false;
@@ -316,7 +313,6 @@ public class CustomPrivilegeTest extends
PrivilegeRegistry.Definition definition = privilegeRegistry.get(name);
assertNotNull(definition);
- assertTrue(definition.isCustom());
assertEquals(name, definition.getName());
assertFalse(definition.isAbstract());
assertFalse(definition.declaredAggregateNames.isEmpty());
@@ -325,8 +321,6 @@ public class CustomPrivilegeTest extends
assertTrue(definition.declaredAggregateNames.contains(n));
}
- assertBits(PrivilegeRegistry.NO_PRIVILEGE, definition, privilegeRegistry);
-
List<Name> allAgg = Arrays.asList(privilegeRegistry.get(NameConstants.JCR_ALL).getDeclaredAggregateNames());
assertTrue(allAgg.contains(name));
@@ -356,14 +350,14 @@ public class CustomPrivilegeTest extends
assertEquals(privName, priv.getName());
assertEquals(isAbstract, priv.isAbstract());
assertFalse(priv.isAggregate());
- assertEquals(PrivilegeRegistry.NO_PRIVILEGE, pm.getBits(priv));
+ assertFalse(pm.getBits(priv).isEmpty());
Privilege jcrWrite = pm.getPrivilege(Privilege.JCR_WRITE);
- assertEquals(pm.getBits(jcrWrite), pm.getBits(priv, jcrWrite));
-
+ assertFalse(pm.getBits(jcrWrite).equals(pm.getBits(priv, jcrWrite)));
}
public void testRegister100CustomPrivileges() throws RepositoryException, FileSystemException {
+ PrivilegeBits previous = privilegeRegistry.get(NameConstants.JCR_RETENTION_MANAGEMENT).getBits();
for (int i = 0; i < 100; i++) {
boolean isAbstract = true;
Name name = ((SessionImpl) superuser).getQName("test"+i);
@@ -372,6 +366,19 @@ public class CustomPrivilegeTest extends
assertNotNull(definition);
assertEquals(name, definition.getName());
+
+ PrivilegeBits bits = definition.getBits();
+ assertNotNull(bits);
+ assertFalse(bits.isEmpty());
+
+ assertFalse(previous.equals(bits));
+ assertEquals(previous.nextBits(), bits);
+
+ PrivilegeRegistry.Definition all = privilegeRegistry.get(NameConstants.JCR_ALL);
+ assertTrue(Arrays.asList(all.getDeclaredAggregateNames()).contains(name));
+ assertTrue(all.getBits().includes(bits));
+
+ previous = bits;
}
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java Fri Apr 15 14:34:45 2011
@@ -36,7 +36,9 @@ import javax.jcr.security.Privilege;
import java.security.Principal;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashSet;
import java.util.List;
+import java.util.Set;
/**
* <code>JackrabbitAccessControlListTest</code>...
@@ -127,11 +129,11 @@ public class JackrabbitAccessControlList
if (entries.length == 0) {
fail("GrantPrivileges was successful -> at least 1 entry for principal.");
}
- int allows = 0;
+ PrivilegeBits allows = PrivilegeBits.getInstance();
for (AccessControlEntry en : entries) {
- int bits = privilegeMgr.getBits(en.getPrivileges());
+ PrivilegeBits bits = privilegeMgr.getBits(en.getPrivileges());
if (en instanceof JackrabbitAccessControlEntry && ((JackrabbitAccessControlEntry) en).isAllow()) {
- allows |= bits;
+ allows.add(bits);
}
}
assertEquals(privilegeMgr.getBits(priv), allows);
@@ -145,18 +147,18 @@ public class JackrabbitAccessControlList
Principal princ = getValidPrincipal();
Privilege[] privs = privilegesFromName(PrivilegeRegistry.REP_WRITE);
- int allows = 0;
templ.addEntry(princ, privs, true, Collections.<String, Value>emptyMap());
AccessControlEntry[] entries = templ.getAccessControlEntries();
assertTrue("GrantPrivileges was successful -> at least 1 entry for principal.", entries.length > 0);
+ PrivilegeBits allows = PrivilegeBits.getInstance();
for (AccessControlEntry en : entries) {
- int bits = privilegeMgr.getBits(en.getPrivileges());
+ PrivilegeBits bits = privilegeMgr.getBits(en.getPrivileges());
if (en instanceof JackrabbitAccessControlEntry && ((JackrabbitAccessControlEntry) en).isAllow()) {
- allows |= bits;
+ allows.add(bits);
}
}
- assertTrue("After successfully granting WRITE, the entries must reflect this", allows >= privilegeMgr.getBits(privs));
+ assertTrue("After successfully granting WRITE, the entries must reflect this", allows.includes(privilegeMgr.getBits(privs)));
}
public void testAllowWriteDenyRemove() throws NotExecutableException, RepositoryException {
@@ -167,25 +169,29 @@ public class JackrabbitAccessControlList
templ.addEntry(princ, grPriv, true, Collections.<String, Value>emptyMap());
templ.addEntry(princ, dePriv, false, Collections.<String, Value>emptyMap());
- int allows = PrivilegeRegistry.NO_PRIVILEGE;
- int denies = PrivilegeRegistry.NO_PRIVILEGE;
+ Set<Privilege> allows = new HashSet<Privilege>();
+ Set<Privilege> denies = new HashSet<Privilege>();
AccessControlEntry[] entries = templ.getAccessControlEntries();
for (AccessControlEntry en : entries) {
if (princ.equals(en.getPrincipal()) && en instanceof JackrabbitAccessControlEntry) {
JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) en;
- int entryBits = privilegeMgr.getBits(ace.getPrivileges());
+ Privilege[] privs = ace.getPrivileges();
if (ace.isAllow()) {
- allows |= Permission.diff(entryBits, denies);
+ allows.addAll(Arrays.asList(privs));
} else {
- denies |= Permission.diff(entryBits, allows);
+ denies.addAll(Arrays.asList(privs));
}
}
}
- int expectedAllows = privilegeMgr.getBits(grPriv) ^ privilegeMgr.getBits(dePriv);
- assertEquals(expectedAllows, allows);
- int expectedDenies = privilegeMgr.getBits(dePriv);
- assertEquals(expectedDenies, denies);
+ String[] expected = new String[] {Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_NODE, Privilege.JCR_MODIFY_PROPERTIES, Privilege.JCR_NODE_TYPE_MANAGEMENT};
+ assertEquals(expected.length, allows.size());
+ for (String name : expected) {
+ assertTrue(allows.contains(acMgr.privilegeFromName(name)));
+ }
+
+ assertEquals(1, denies.size());
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES), denies.iterator().next());
}
public void testRemoveEntry() throws NotExecutableException, RepositoryException {
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java?rev=1092723&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java Fri Apr 15 14:34:45 2011
@@ -0,0 +1,513 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.core.security.authorization;
+
+import org.apache.jackrabbit.test.JUnitTest;
+
+/**
+ * <code>PrivilegeBitsTest</code>...
+ */
+public class PrivilegeBitsTest extends JUnitTest {
+
+ private static final PrivilegeBits READ_PRIVILEGE_BITS = PrivilegeBits.getInstance(1);
+
+ private static final long[] LONGS = new long[] {1, 2, 13, 199, 512, Long.MAX_VALUE/2, Long.MAX_VALUE-1, Long.MAX_VALUE};
+
+ @Override
+ protected void setUp() throws Exception {
+ super.setUp();
+ }
+
+ //-----------------------------------------------------------< internal >---
+
+ public void testLongValue() {
+ // empty
+ assertEquals(PrivilegeRegistry.NO_PRIVILEGE, PrivilegeBits.EMPTY.longValue());
+
+ // long based privilege bits
+ for (long l : LONGS) {
+ assertEquals(l, PrivilegeBits.getInstance(l).longValue());
+ }
+
+ // long based privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ long l = pb.longValue();
+ while (l < Long.MAX_VALUE/2) {
+ l = l << 1;
+ pb = pb.nextBits();
+ assertEquals(l, pb.longValue());
+ }
+
+ // other privilege bits: long value not available.
+ for (int i = 0; i < 10; i++) {
+ pb = pb.nextBits();
+ assertEquals(0, pb.longValue());
+ }
+
+ // modifiable privilege bits
+ pb = READ_PRIVILEGE_BITS;
+ for (int i = 0; i < 100; i++) {
+ PrivilegeBits modifiable = PrivilegeBits.getInstance(pb);
+ assertEquals(pb.longValue(), modifiable.longValue());
+ pb = pb.nextBits();
+ }
+ }
+
+ public void testNextBits() {
+ // empty
+ assertSame(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY.nextBits());
+
+ // long based privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ long l = pb.longValue();
+ while (l < Long.MAX_VALUE/2) {
+ l = l << 1;
+ pb = pb.nextBits();
+ assertEquals(l, pb.longValue());
+ }
+
+ // other privilege bits: long value not available.
+ for (int i = 0; i < 10; i++) {
+ PrivilegeBits nxt = pb.nextBits();
+ assertEquals(nxt, pb.nextBits());
+ assertFalse(pb.equals(nxt));
+ pb = nxt;
+ }
+
+ // modifiable privilege bits
+ pb = READ_PRIVILEGE_BITS;
+ for (int i = 0; i < 100; i++) {
+ PrivilegeBits modifiable = PrivilegeBits.getInstance(pb);
+ try {
+ modifiable.nextBits();
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ pb = pb.nextBits();
+ }
+ }
+
+
+ public void testUnmodifiable() {
+ assertSame(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY.unmodifiable());
+
+ // other privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+ for (int i = 0; i < 100; i++) {
+ PrivilegeBits nxt = pb.nextBits();
+ assertSame(nxt, nxt.unmodifiable());
+ assertEquals(nxt, nxt.unmodifiable());
+
+ mod.add(nxt);
+ assertNotSame(mod, mod.unmodifiable());
+ assertEquals(mod, mod.unmodifiable());
+
+ pb = nxt;
+ }
+ }
+
+ //---------------------------------------------------------------< test >---
+
+ public void testIncludesRead() {
+ // empty
+ assertFalse(PrivilegeBits.EMPTY.includesRead());
+
+ // other privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ assertTrue(pb.includesRead());
+ assertTrue(PrivilegeBits.getInstance(pb).includesRead());
+
+ PrivilegeBits mod = PrivilegeBits.getInstance();
+ for (int i = 0; i < 100; i++) {
+ mod.add(pb);
+ assertTrue(mod.includesRead());
+
+ pb = pb.nextBits();
+ assertFalse(pb.includesRead());
+ assertFalse(PrivilegeBits.getInstance(pb).includesRead());
+
+ PrivilegeBits modifiable = PrivilegeBits.getInstance(pb);
+ modifiable.add(READ_PRIVILEGE_BITS);
+ assertTrue(modifiable.includesRead());
+ }
+ }
+
+ public void testIncludes() {
+ // empty
+ assertTrue(PrivilegeBits.EMPTY.includes(PrivilegeBits.EMPTY));
+
+ // other privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ PrivilegeBits mod = PrivilegeBits.getInstance();
+
+ for (int i = 0; i < 100; i++) {
+
+ assertFalse(PrivilegeBits.EMPTY.includes(pb));
+ assertTrue(pb.includes(PrivilegeBits.EMPTY));
+
+ mod.add(pb);
+ assertTrue(mod.includes(pb));
+
+ PrivilegeBits nxt = pb.nextBits();
+ assertTrue(nxt.includes(nxt));
+ assertTrue(nxt.includes(PrivilegeBits.getInstance(nxt)));
+
+ assertFalse(pb + " should not include " + nxt, pb.includes(nxt));
+ assertFalse(nxt + " should not include " + pb, nxt.includes(pb));
+ assertFalse(mod.includes(nxt));
+ assertFalse(nxt.includes(mod));
+
+ pb = nxt;
+ }
+ }
+
+ public void testIsEmpty() {
+ // empty
+ assertTrue(PrivilegeBits.EMPTY.isEmpty());
+
+ // any other bits should not be empty
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+ for (int i = 0; i < 100; i++) {
+ assertFalse(pb.isEmpty());
+ assertFalse(PrivilegeBits.getInstance(pb).isEmpty());
+
+ pb = pb.nextBits();
+ mod.add(pb);
+ assertFalse(mod.isEmpty());
+ }
+ }
+
+ //----------------------------------------------------------------< mod >---
+
+ public void testAdd() {
+ // empty
+ try {
+ PrivilegeBits.EMPTY.add(PrivilegeBits.EMPTY);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ // other privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+ for (int i = 0; i < 100; i++) {
+ try {
+ pb.add(PrivilegeBits.EMPTY);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ try {
+ pb.add(mod);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ PrivilegeBits nxt = pb.nextBits();
+ try {
+ pb.add(nxt);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ long before = mod.longValue();
+ long nxtLong = nxt.longValue();
+
+ mod.add(nxt);
+ if (nxt.longValue() != 0) {
+ assertEquals(before | nxtLong, mod.longValue());
+ }
+ assertTrue(mod.includes(nxt));
+
+ PrivilegeBits tmp = PrivilegeBits.getInstance(pb);
+ assertTrue(tmp.includes(pb));
+ assertFalse(tmp.includes(nxt));
+ if (READ_PRIVILEGE_BITS.equals(pb)) {
+ assertTrue(tmp.includesRead());
+ } else {
+ assertFalse(tmp.includesRead());
+ }
+ tmp.add(nxt);
+ assertTrue(tmp.includes(pb) && tmp.includes(nxt));
+ if (READ_PRIVILEGE_BITS.equals(pb)) {
+ assertTrue(tmp.includesRead());
+ assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+ } else {
+ assertFalse(tmp.includesRead());
+ assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+ }
+ tmp.add(READ_PRIVILEGE_BITS);
+ assertTrue(tmp.includesRead());
+ assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+
+ pb = nxt;
+ }
+ }
+
+ public void testDiff() {
+ // empty
+ try {
+ PrivilegeBits.EMPTY.diff(PrivilegeBits.EMPTY);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ // other privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+ for (int i = 0; i < 100; i++) {
+ PrivilegeBits nxt = pb.nextBits();
+ try {
+ pb.diff(nxt);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ try {
+ pb.diff(mod);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ PrivilegeBits before = PrivilegeBits.getInstance(mod);
+ mod.diff(nxt);
+ assertEquals(before, mod);
+ mod.add(nxt);
+ assertFalse(before.equals(mod));
+ mod.diff(nxt);
+ assertEquals(before, mod);
+ mod.add(nxt);
+
+ // diff with same pb must leave original bits empty
+ PrivilegeBits tmp = PrivilegeBits.getInstance(pb);
+ tmp.add(nxt);
+ tmp.add(READ_PRIVILEGE_BITS);
+ tmp.diff(tmp);
+ assertEquals(nxt.toString(), PrivilegeBits.EMPTY, tmp);
+
+ tmp = PrivilegeBits.getInstance(pb);
+ tmp.add(nxt);
+ tmp.add(READ_PRIVILEGE_BITS);
+ tmp.diff(PrivilegeBits.getInstance(tmp));
+ assertEquals(nxt.toString(), PrivilegeBits.EMPTY, tmp);
+
+ // diff without intersection -> leave privilege unmodified.
+ tmp = PrivilegeBits.getInstance(pb);
+ tmp.diff(nxt);
+ assertEquals(PrivilegeBits.getInstance(pb), tmp);
+
+ // diff with intersection -> privilege must be modified accordingly.
+ tmp = PrivilegeBits.getInstance(nxt);
+ tmp.add(READ_PRIVILEGE_BITS);
+ assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+ assertTrue(tmp.includes(nxt));
+ tmp.diff(nxt);
+ assertEquals(READ_PRIVILEGE_BITS, tmp);
+ assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+ assertFalse(tmp.includes(nxt));
+
+ tmp = PrivilegeBits.getInstance(pb);
+ tmp.add(READ_PRIVILEGE_BITS);
+ PrivilegeBits tmp2 = PrivilegeBits.getInstance(pb);
+ tmp2.add(nxt);
+ PrivilegeBits tmp3 = PrivilegeBits.getInstance(tmp2);
+ assertEquals(tmp2, tmp3);
+ tmp.diff(tmp2);
+ if (READ_PRIVILEGE_BITS.equals(pb)) {
+ assertEquals(PrivilegeBits.EMPTY, tmp);
+ } else {
+ assertEquals(READ_PRIVILEGE_BITS, tmp);
+ }
+ // but pb passed to the diff call must not be modified.
+ assertEquals(tmp3, tmp2);
+
+ pb = nxt;
+ }
+ }
+
+ public void testAddDifference() {
+ // empty
+ try {
+ PrivilegeBits.EMPTY.addDifference(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ // other privilege bits
+ PrivilegeBits pb = READ_PRIVILEGE_BITS;
+ PrivilegeBits mod = PrivilegeBits.getInstance(pb);
+
+ for (int i = 0; i < 100; i++) {
+ PrivilegeBits nxt = pb.nextBits();
+ try {
+ pb.addDifference(nxt, mod);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ try {
+ pb.addDifference(nxt, READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ PrivilegeBits tmp = PrivilegeBits.getInstance(mod);
+ tmp.addDifference(nxt, READ_PRIVILEGE_BITS);
+ mod.add(nxt);
+ assertEquals(mod, tmp); // since there is diff(nxt, read) results in nxt
+
+ if (!pb.equals(READ_PRIVILEGE_BITS)) {
+ tmp = PrivilegeBits.getInstance(nxt);
+ PrivilegeBits mod2 = PrivilegeBits.getInstance(mod);
+ tmp.addDifference(mod2, READ_PRIVILEGE_BITS);
+ assertFalse(nxt.equals(tmp)); // tmp should be modified by addDifference call.
+ assertEquals(mod2, mod); // mod2 should not be modified here
+ assertTrue(tmp.includes(pb));
+ assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+ assertFalse(tmp.includes(mod));
+ }
+
+ tmp = PrivilegeBits.getInstance(nxt);
+ PrivilegeBits mod2 = PrivilegeBits.getInstance(mod);
+ tmp.addDifference(READ_PRIVILEGE_BITS, mod2);
+ assertEquals(nxt, tmp); // tmp not modified by addDifference call.
+ assertEquals(mod2, mod); // mod2 should not be modified here
+ assertFalse(tmp.includes(pb));
+ assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+ assertFalse(tmp.includes(mod));
+
+ tmp = PrivilegeBits.getInstance(nxt);
+ tmp.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+ assertEquals(nxt, tmp); // tmp not modified by addDifference call.
+ assertFalse(tmp.includes(READ_PRIVILEGE_BITS));
+
+ tmp = PrivilegeBits.getInstance(mod);
+ tmp.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+ assertEquals(mod, tmp); // tmp not modified by addDifference call.
+ assertTrue(tmp.includes(READ_PRIVILEGE_BITS));
+
+ pb = nxt;
+ }
+ }
+
+ //------------------------------------------------------------< general >---
+ public void testGetInstance() {
+ PrivilegeBits pb = PrivilegeBits.getInstance();
+ assertEquals(PrivilegeBits.EMPTY, pb);
+ assertNotSame(PrivilegeBits.EMPTY, pb);
+ assertNotSame(pb, pb.unmodifiable());
+ pb.add(READ_PRIVILEGE_BITS);
+ pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+ pb.diff(READ_PRIVILEGE_BITS);
+
+ pb = PrivilegeBits.getInstance(PrivilegeBits.EMPTY);
+ assertEquals(PrivilegeBits.EMPTY, pb);
+ assertNotSame(PrivilegeBits.EMPTY, pb);
+ assertNotSame(pb, pb.unmodifiable());
+ pb.add(READ_PRIVILEGE_BITS);
+ pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+ pb.diff(READ_PRIVILEGE_BITS);
+
+ pb = PrivilegeBits.getInstance(READ_PRIVILEGE_BITS);
+ assertEquals(READ_PRIVILEGE_BITS, pb);
+ assertNotSame(READ_PRIVILEGE_BITS, pb);
+ assertNotSame(pb, pb.unmodifiable());
+ pb.add(READ_PRIVILEGE_BITS);
+ pb.addDifference(READ_PRIVILEGE_BITS, PrivilegeBits.EMPTY);
+ pb.diff(READ_PRIVILEGE_BITS);
+
+ pb = PrivilegeBits.getInstance(PrivilegeRegistry.NO_PRIVILEGE);
+ assertEquals(pb, PrivilegeBits.EMPTY);
+ assertSame(pb, PrivilegeBits.EMPTY);
+ assertSame(pb, pb.unmodifiable());
+ try {
+ pb.add(READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ try {
+ pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ try {
+ pb.diff(READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+
+ try {
+ PrivilegeBits.getInstance(-1);
+ fail();
+ } catch (IllegalArgumentException e) {
+ // success.
+ }
+
+ PrivilegeBits bts = PrivilegeBits.getInstance(PrivilegeRegistry.NO_PRIVILEGE);
+ assertSame(PrivilegeBits.EMPTY, bts);
+
+ for (long l : LONGS) {
+ pb = PrivilegeBits.getInstance(l);
+ assertEquals(pb, PrivilegeBits.getInstance(l));
+ assertNotSame(pb, PrivilegeBits.getInstance(l));
+ assertSame(pb, pb.unmodifiable());
+
+ assertEquals(pb, PrivilegeBits.getInstance(pb));
+ assertEquals(PrivilegeBits.getInstance(pb), pb);
+ assertNotSame(pb, PrivilegeBits.getInstance(pb));
+
+ try {
+ pb.add(READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ try {
+ pb.addDifference(READ_PRIVILEGE_BITS, READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ try {
+ pb.diff(READ_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ }
+
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeBitsTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev URL
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java Fri Apr 15 14:34:45 2011
@@ -104,21 +104,16 @@ public class PrivilegeManagerImplTest ex
assertPrivilege(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE), PrivilegeRegistry.REP_WRITE, true, false);
}
- public void testIsCustom() throws RepositoryException {
- for (Privilege builtin : privilegeMgr.getRegisteredPrivileges()) {
- assertFalse(getPrivilegeManagerImpl().isCustomPrivilege(builtin));
- }
- }
-
public void testGetBits() throws RepositoryException {
Privilege p1 = privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES);
Privilege p2 = privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES);
Privilege[] privs = new Privilege[] {p1, p2};
- int bits = getPrivilegeManagerImpl().getBits(privs);
- assertTrue(bits > PrivilegeRegistry.NO_PRIVILEGE);
- assertTrue(bits == (getPrivilegeManagerImpl().getBits(p1) |
- getPrivilegeManagerImpl().getBits(p2)));
+ PrivilegeBits bits = getPrivilegeManagerImpl().getBits(privs);
+ assertFalse(bits.isEmpty());
+ PrivilegeBits other = getPrivilegeManagerImpl().getBits(p1);
+ other.add(getPrivilegeManagerImpl().getBits(p2));
+ assertEquals(bits, other);
}
public void testGetBitsFromCustomPrivilege() throws AccessControlException {
@@ -200,7 +195,7 @@ public class PrivilegeManagerImplTest ex
Privilege.JCR_REMOVE_NODE,
Privilege.JCR_MODIFY_PROPERTIES
};
- int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ PrivilegeBits writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
Set<Privilege> pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
@@ -215,7 +210,7 @@ public class PrivilegeManagerImplTest ex
String[] names = new String[] {
PrivilegeRegistry.REP_WRITE
};
- int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ PrivilegeBits writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
Set<Privilege> pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
@@ -244,7 +239,7 @@ public class PrivilegeManagerImplTest ex
PrivilegeRegistry.REP_WRITE,
Privilege.JCR_LIFECYCLE_MANAGEMENT
};
- int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ PrivilegeBits writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
Set<Privilege> pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistryTest.java Fri Apr 15 14:34:45 2011
@@ -46,10 +46,6 @@ public class PrivilegeRegistryTest exten
privilegeRegistry = new PrivilegeRegistry(resolver);
}
- private int getBits(PrivilegeRegistry.Definition def) {
- return privilegeRegistry.getBits(new PrivilegeRegistry.Definition[] {def});
- }
-
public void testGetAll() throws RepositoryException {
PrivilegeRegistry.Definition[] defs = privilegeRegistry.getAll();
@@ -93,7 +89,7 @@ public class PrivilegeRegistryTest exten
assertTrue(d.declaredAggregateNames.containsAll(l));
assertTrue(l.containsAll(d.declaredAggregateNames));
- assertTrue(getBits(d) > PrivilegeRegistry.NO_PRIVILEGE);
+ assertFalse(d.getBits().isEmpty());
}
}
@@ -108,7 +104,7 @@ public class PrivilegeRegistryTest exten
for (Name n : l) {
PrivilegeRegistry.Definition d = privilegeRegistry.get(n);
assertNotNull(d);
- Name[] names = privilegeRegistry.getNames(getBits(d));
+ Name[] names = privilegeRegistry.getNames(d.getBits());
assertNotNull(names);
assertEquals(1, names.length);
assertEquals(d.name, names[0]);
@@ -131,7 +127,7 @@ public class PrivilegeRegistryTest exten
assertTrue(def.declaredAggregateNames.containsAll(l));
assertTrue(l.containsAll(def.declaredAggregateNames));
- assertTrue(getBits(def) > PrivilegeRegistry.NO_PRIVILEGE);
+ assertFalse(def.getBits().isEmpty());
}
}
@@ -315,7 +311,8 @@ public class PrivilegeRegistryTest exten
}
public void testGetPrivilegesFromBits() throws RepositoryException {
- Privilege[] pvs = privilegeRegistry.getPrivileges(PrivilegeRegistry.getBits(privilegesFromNames(new String[] {Privilege.JCR_READ_ACCESS_CONTROL})));
+ int bits = PrivilegeRegistry.getBits(privilegesFromNames(new String[] {Privilege.JCR_READ_ACCESS_CONTROL}));
+ Privilege[] pvs = privilegeRegistry.getPrivileges(bits);
assertTrue(pvs != null);
assertTrue(pvs.length == 1);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java Fri Apr 15 14:34:45 2011
@@ -38,6 +38,7 @@ public class TestAll extends TestCase {
suite.addTestSuite(PrivilegeRegistryTest.class);
suite.addTestSuite(PrivilegeManagerImplTest.class);
suite.addTestSuite(CustomPrivilegeTest.class);
+ suite.addTestSuite(PrivilegeBitsTest.class);
suite.addTestSuite(JackrabbitAccessControlListTest.class);
suite.addTestSuite(GlobPatternTest.class);
suite.addTestSuite(PermissionTest.class);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java?rev=1092723&r1=1092722&r2=1092723&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java Fri Apr 15 14:34:45 2011
@@ -23,6 +23,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.core.SessionImpl;
import org.apache.jackrabbit.core.security.authorization.AbstractACLTemplateTest;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeBits;
import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.core.security.principal.PrincipalImpl;
import org.apache.jackrabbit.test.NotExecutableException;
@@ -36,7 +37,9 @@ import java.security.Principal;
import java.security.acl.Group;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashSet;
import java.util.Map;
+import java.util.Set;
/**
* <code>ACLTemplateTest</code>...
@@ -107,25 +110,31 @@ public class ACLTemplateTest extends Abs
}
public void testMultipleEntryEffect2() throws RepositoryException, NotExecutableException {
- Privilege[] privileges = privilegesFromName(PrivilegeRegistry.REP_WRITE);
+ Privilege repwrite = getAccessControlManager(superuser).privilegeFromName(PrivilegeRegistry.REP_WRITE);
+
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
- pt.addAccessControlEntry(testPrincipal, privileges);
+ pt.addAccessControlEntry(testPrincipal, new Privilege[] {repwrite});
// add deny entry for mod_props
- Privilege[] privileges2 = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
- assertTrue(pt.addEntry(testPrincipal, privileges2, false, null));
+ Privilege modProperties = getAccessControlManager(superuser).privilegeFromName(Privilege.JCR_MODIFY_PROPERTIES);
+ assertTrue(pt.addEntry(testPrincipal, new Privilege[] {modProperties}, false, null));
// net-effect: 2 entries with the allow entry being adjusted
assertTrue(pt.size() == 2);
AccessControlEntry[] entries = pt.getAccessControlEntries();
for (AccessControlEntry entry1 : entries) {
ACLTemplate.Entry entry = (ACLTemplate.Entry) entry1;
- int privs = entry.getPrivilegeBits();
+ PrivilegeBits privs = entry.getPrivilegeBits();
if (entry.isAllow()) {
- int bits = privilegeMgr.getBits(privileges) ^ privilegeMgr.getBits(privileges2);
+ Privilege[] result = privilegesFromNames(new String[] {
+ Privilege.JCR_ADD_CHILD_NODES,
+ Privilege.JCR_NODE_TYPE_MANAGEMENT,
+ Privilege.JCR_REMOVE_CHILD_NODES,
+ Privilege.JCR_REMOVE_NODE});
+ PrivilegeBits bits = privilegeMgr.getBits(result);
assertEquals(privs, bits);
} else {
- assertEquals(privs, privilegeMgr.getBits(privileges2));
+ assertEquals(privs, privilegeMgr.getBits(modProperties));
}
}
}