You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/02/07 17:03:43 UTC
svn commit: r1443583 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
oak-jcr/pom.xml
oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java
Author: angela
Date: Thu Feb 7 16:03:43 2013
New Revision: 1443583
URL: http://svn.apache.org/viewvc?rev=1443583&view=rev
Log:
OAK-50 : Implement User Management
- fix cyclic membership test and remove from exclusion list
- add TODO for OAK-615
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
jackrabbit/oak/trunk/oak-jcr/pom.xml
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java?rev=1443583&r1=1443582&r2=1443583&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java Thu Feb 7 16:03:43 2013
@@ -77,6 +77,10 @@ class UserValidator extends DefaultValid
String msg = "Invalid jcr:uuid for authorizable " + parentAfter.getName();
fail(msg);
}
+
+ if (REP_MEMBERS.equals(name)) {
+ checkForCyclicMembership(after);
+ }
}
@Override
@@ -101,6 +105,10 @@ class UserValidator extends DefaultValid
String msg = "Password may not be plain text.";
fail(msg);
}
+
+ if (REP_MEMBERS.equals(name)) {
+ checkForCyclicMembership(after);
+ }
}
@@ -161,6 +169,10 @@ class UserValidator extends DefaultValid
}
}
+ private void checkForCyclicMembership(PropertyState repMembers) {
+ // FIXME OAK-615
+ }
+
private static boolean isValidUUID(@Nonnull Tree parent, @Nonnull String uuid) {
String id = UserProvider.getAuthorizableId(parent);
return uuid.equals(UserProvider.getContentID(id));
Modified: jackrabbit/oak/trunk/oak-jcr/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/pom.xml?rev=1443583&r1=1443582&r2=1443583&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-jcr/pom.xml Thu Feb 7 16:03:43 2013
@@ -223,7 +223,7 @@
org.apache.jackrabbit.test.api.observation.LockingTest#testAddLockToNode
org.apache.jackrabbit.test.api.observation.LockingTest#testRemoveLockFromNode
org.apache.jackrabbit.oak.jcr.security.user.FindAuthorizablesTest#testFindAuthorizableByRelativePath <!-- OAK-343 -->
- org.apache.jackrabbit.oak.jcr.security.user.GroupTest#testCyclicGroups <!-- OAK-343 -->
+ org.apache.jackrabbit.oak.jcr.security.user.GroupTest#testCyclicGroups2 <!-- OAK-615 -->
org.apache.jackrabbit.oak.jcr.version.VersionHistoryTest#testGetVersionHistoryFromNode <!-- OAK-601 -->
org.apache.jackrabbit.oak.jcr.version.VersionHistoryTest#testGetVersionHistory <!-- OAK-602 -->
org.apache.jackrabbit.oak.jcr.version.VersionHistoryTest#testGetVersionHistoryAfterMove <!-- OAK-602 -->
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java?rev=1443583&r1=1443582&r2=1443583&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java Thu Feb 7 16:03:43 2013
@@ -30,6 +30,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.test.NotExecutableException;
import org.junit.Before;
+import org.junit.Ignore;
import org.junit.Test;
/**
@@ -58,7 +59,7 @@ public class GroupTest extends AbstractU
while (members.hasNext() && !contained) {
Object next = members.next();
assertTrue(next instanceof Authorizable);
- contained = ((Authorizable)next).getID().equals(auth.getID());
+ contained = ((Authorizable) next).getID().equals(auth.getID());
}
assertTrue("The given set of members must contain '" + auth.getID() + '\'', contained);
}
@@ -68,7 +69,7 @@ public class GroupTest extends AbstractU
while (members.hasNext() && !contained) {
Object next = members.next();
assertTrue(next instanceof Authorizable);
- contained = ((Authorizable)next).getID().equals(auth.getID());
+ contained = ((Authorizable) next).getID().equals(auth.getID());
}
assertFalse("The given set of members must not contain '" + auth.getID() + '\'', contained);
}
@@ -78,7 +79,7 @@ public class GroupTest extends AbstractU
while (groups.hasNext() && !contained) {
Object next = groups.next();
assertTrue(next instanceof Group);
- contained = ((Group)next).getID().equals(gr.getID());
+ contained = ((Group) next).getID().equals(gr.getID());
}
assertTrue("All members of a group must contain that group upon 'memberOf'.", contained);
}
@@ -88,7 +89,7 @@ public class GroupTest extends AbstractU
while (groups.hasNext() && !contained) {
Object next = groups.next();
assertTrue(next instanceof Group);
- contained = ((Group)next).getID().equals(gr.getID());
+ contained = ((Group) next).getID().equals(gr.getID());
}
assertFalse("All members of a group must contain that group upon 'memberOf'.", contained);
}
@@ -172,12 +173,12 @@ public class GroupTest extends AbstractU
@Test
public void testGetMembersContainsDeclaredMembers() throws NotExecutableException, RepositoryException {
List<String> l = new ArrayList<String>();
- for (Iterator<Authorizable> it = group.getMembers(); it.hasNext();) {
+ for (Iterator<Authorizable> it = group.getMembers(); it.hasNext(); ) {
l.add(it.next().getID());
}
- for (Iterator<Authorizable> it = group.getDeclaredMembers(); it.hasNext();) {
+ for (Iterator<Authorizable> it = group.getDeclaredMembers(); it.hasNext(); ) {
assertTrue("All declared members must also be part of the Iterator " +
- "returned upon getMembers()",l.contains(it.next().getID()));
+ "returned upon getMembers()", l.contains(it.next().getID()));
}
}
@@ -578,12 +579,41 @@ public class GroupTest extends AbstractU
group2 = userMgr.createGroup(createGroupId());
group3 = userMgr.createGroup(createGroupId());
- group1.addMember(getTestUser(superuser));
- group2.addMember(getTestUser(superuser));
-
assertTrue(group1.addMember(group2));
+ superuser.save();
assertTrue(group2.addMember(group3));
+ superuser.save();
assertFalse(group3.addMember(group1));
+ superuser.save();
+ } finally {
+ if (group1 != null) group1.remove();
+ if (group2 != null) group2.remove();
+ if (group3 != null) group3.remove();
+ }
+ }
+
+ /**
+ * @since oak 1.0 cyclic group membership added in a single set of transient
+ * modifications must be detected upon save.
+ */
+ @Ignore("OAK-615")
+ @Test
+ public void testCyclicGroups2() throws AuthorizableExistsException, RepositoryException, NotExecutableException {
+ Group group1 = null;
+ Group group2 = null;
+ Group group3 = null;
+ try {
+ group1 = userMgr.createGroup(createGroupId());
+ group2 = userMgr.createGroup(createGroupId());
+ group3 = userMgr.createGroup(createGroupId());
+
+ assertTrue(group1.addMember(group2));
+ assertTrue(group2.addMember(group3));
+ assertTrue(group3.addMember(group1));
+ superuser.save();
+ fail("Cyclic group membership must be detected");
+ } catch (RepositoryException e) {
+ // success
} finally {
if (group1 != null) group1.remove();
if (group2 != null) group2.remove();