You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2010/02/24 19:12:52 UTC
svn commit: r915906 - in /jackrabbit/trunk/jackrabbit-core/src:
main/java/org/apache/jackrabbit/core/security/user/UserImporter.java
test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java
Author: angela
Date: Wed Feb 24 18:12:51 2010
New Revision: 915906
URL: http://svn.apache.org/viewvc?rev=915906&view=rev
Log:
- JCR-2517 : UserImporter should use User.changePassword
- fixing bug in UserImport#processReferences
Modified:
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImporter.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImporter.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImporter.java?rev=915906&r1=915905&r2=915906&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImporter.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImporter.java Wed Feb 24 18:12:51 2010
@@ -73,10 +73,6 @@
* hashed authorizable id as calculated by the UserManager. This importer
* is therefore not able to handle imports with
* {@link ImportUUIDBehavior#IMPORT_UUID_CREATE_NEW}.</li>
- * <li>The rep:password property is expected to contain the crypted password
- * value as stored in the content upon calling {@link UserManager#createUser}
- * and exposed upon {@link javax.jcr.Property#getString()}
- * or {@link javax.jcr.Session#exportSystemView}</li>
* <li>Importing user/group nodes outside of the hierarchy defined by
* {@link org.apache.jackrabbit.core.security.user.UserManagerImpl#getUsersPath()}
* and {@link org.apache.jackrabbit.core.security.user.UserManagerImpl#getGroupsPath()}
@@ -222,9 +218,8 @@
return false;
}
- // expectation: pw must already be crypted.
Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
- userManager.setProtectedProperty(parent, UserConstants.P_PASSWORD, v);
+ ((User) a).changePassword(v.getString());
return true;
@@ -297,7 +292,7 @@
userManager.autoSave(false);
}
try {
- List<Object> processed = new ArrayList();
+ List<Object> processed = new ArrayList<Object>();
for (Iterator<Object> it = referenceTracker.getProcessedReferences(); it.hasNext();) {
Object reference = it.next();
if (reference instanceof Membership) {
@@ -308,14 +303,14 @@
Group gr = (Group) a;
// 1. collect members to add and to remove.
- Map<String, Authorizable> toRemove = new HashMap();
- for (Iterator<Authorizable> aIt = gr.getDeclaredMembers(); it.hasNext();) {
- Authorizable dm = aIt.next();
+ Map<String, Authorizable> toRemove = new HashMap<String, Authorizable>();
+ for (Iterator<Authorizable> declMembers = gr.getDeclaredMembers(); declMembers.hasNext();) {
+ Authorizable dm = declMembers.next();
toRemove.put(dm.getID(), dm);
}
- List<Authorizable> toAdd = new ArrayList();
- List<Value> nonExisting = new ArrayList();
+ List<Authorizable> toAdd = new ArrayList<Authorizable>();
+ List<Value> nonExisting = new ArrayList<Value>();
for (NodeId originalId : ((Membership) reference).ids) {
@@ -361,7 +356,7 @@
NodeImpl groupNode = ((AuthorizableImpl) gr).getNode();
// build list of valid members set before ....
- List<Value> memberValues = new ArrayList();
+ List<Value> memberValues = new ArrayList<Value>();
if (groupNode.hasProperty(UserConstants.P_MEMBERS)) {
Value[] vls = groupNode.getProperty(UserConstants.P_MEMBERS).getValues();
memberValues.addAll(Arrays.asList(vls));
@@ -388,13 +383,13 @@
Impersonation imp = ((User) a).getImpersonation();
// 1. collect principals to add and to remove.
- Map<String, Principal> toRemove = new HashMap();
+ Map<String, Principal> toRemove = new HashMap<String, Principal>();
for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext();) {
Principal princ = pit.nextPrincipal();
toRemove.put(princ.getName(), princ);
}
- List<Principal> toAdd = new ArrayList();
+ List<Principal> toAdd = new ArrayList<Principal>();
Value[] vs = ((Impersonators) reference).values;
for (Value v : vs) {
String princName = v.getString();
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java?rev=915906&r1=915905&r2=915906&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserImporterTest.java Wed Feb 24 18:12:51 2010
@@ -455,6 +455,35 @@
}
}
+ public void testPlainTextPassword() throws RepositoryException, IOException, SAXException, NotExecutableException {
+ String plainPw = "myPassword";
+ String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+ "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" +
+ " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" +
+ " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>"+plainPw+"</sv:value></sv:property>" +
+ " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" +
+ "</sv:node>";
+
+ NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
+ try {
+ doImport(target, xml);
+
+ assertTrue(target.isModified());
+ assertTrue(sImpl.hasPendingChanges());
+
+ Authorizable newUser = umgr.getAuthorizable("t");
+ NodeImpl n = ((UserImpl) newUser).getNode();
+
+ String pwValue = n.getProperty(UserConstants.P_PASSWORD).getString();
+ assertFalse(plainPw.equals(pwValue));
+ assertTrue(pwValue.startsWith("{sha1}"));
+
+ } finally {
+ sImpl.refresh(false);
+ }
+ }
+
public void testMultiValuedPassword() throws RepositoryException, IOException, SAXException, NotExecutableException {
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
"<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
@@ -502,7 +531,7 @@
}
public void testIncompleteUser() throws RepositoryException, IOException, SAXException, NotExecutableException {
- List<String> incompleteXml = new ArrayList();
+ List<String> incompleteXml = new ArrayList<String>();
incompleteXml.add("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
"<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
" <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" +
@@ -735,7 +764,7 @@
Node n = testRootNode.addNode(nodeName1, ntUnstructured);
n.addMixin(mixReferenceable);
- List<String> invalid = new ArrayList();
+ List<String> invalid = new ArrayList<String>();
invalid.add(UUID.randomUUID().toString()); // random uuid
invalid.add(n.getUUID()); // uuid of non-authorizable node
@@ -770,7 +799,7 @@
Node n = testRootNode.addNode(nodeName1, ntUnstructured);
n.addMixin(mixReferenceable);
- List<String> invalid = new ArrayList();
+ List<String> invalid = new ArrayList<String>();
invalid.add(UUID.randomUUID().toString()); // random uuid
invalid.add(n.getUUID()); // uuid of non-authorizable node
@@ -801,7 +830,7 @@
Node n = testRootNode.addNode(nodeName1, ntUnstructured);
n.addMixin(mixReferenceable);
- List<String> invalid = new ArrayList();
+ List<String> invalid = new ArrayList<String>();
invalid.add(UUID.randomUUID().toString()); // random uuid
invalid.add(n.getUUID()); // uuid of non-authorizable node
@@ -1005,7 +1034,7 @@
}
public void testImportInvalidImpersonationIgnore() throws IOException, RepositoryException, SAXException, NotExecutableException {
- List<String> invalid = new ArrayList();
+ List<String> invalid = new ArrayList<String>();
invalid.add("anybody"); // an non-existing princ-name
invalid.add("administrators"); // a group
invalid.add("t"); // principal of the user itself.
@@ -1045,7 +1074,7 @@
}
public void testImportInvalidImpersonationAbort() throws IOException, RepositoryException, SAXException, NotExecutableException {
- List<String> invalid = new ArrayList();
+ List<String> invalid = new ArrayList<String>();
invalid.add("anybody"); // an non-existing princ-name
invalid.add("administrators"); // a group
invalid.add("t"); // principal of the user itself.
@@ -1424,6 +1453,4 @@
return null;
}
}
-
-
}
\ No newline at end of file