You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2017/03/02 08:14:35 UTC
svn commit: r1785086 - in
/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak:
security/ security/authentication/token/ spi/security/
spi/security/authentication/ spi/security/authentication/callback/
spi/security/authentication/toke...
Author: angela
Date: Thu Mar 2 08:14:35 2017
New Revision: 1785086
URL: http://svn.apache.org/viewvc?rev=1785086&view=rev
Log:
OAK-5793 : Improve coverage for security code in oak-core (wip)
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java
- copied, changed from r1784784, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractCompositeConfigurationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenConfigurationTest.java
- copied, changed from r1784784, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAuthorizationConfigurationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyRestrictionProviderTest.java
Removed:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractCompositeConfigurationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/CompositeConfigurationTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/ConfigurationParametersTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java
Copied: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java (from r1784784, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractCompositeConfigurationTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractCompositeConfigurationTest.java&r1=1784784&r2=1785086&rev=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractCompositeConfigurationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java Thu Mar 2 08:14:35 2017
@@ -14,15 +14,11 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.oak.security;
+package org.apache.jackrabbit.oak.spi.security;
import java.util.List;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
-import org.apache.jackrabbit.oak.spi.security.CompositeConfiguration;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-
-public abstract class AbstractCompositeConfigurationTest<T extends SecurityConfiguration> extends AbstractSecurityTest {
+public abstract class AbstractCompositeConfigurationTest<T extends SecurityConfiguration> {
protected CompositeConfiguration<T> compositeConfiguration;
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/CompositeConfigurationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/CompositeConfigurationTest.java?rev=1785086&r1=1785085&r2=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/CompositeConfigurationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/CompositeConfigurationTest.java Thu Mar 2 08:14:35 2017
@@ -32,12 +32,10 @@ import static org.junit.Assert.assertNul
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
-public class CompositeConfigurationTest {
+public class CompositeConfigurationTest extends AbstractCompositeConfigurationTest {
private static final String NAME = "test";
- private CompositeConfiguration compositeConfiguration;
-
@Before
public void before() throws Exception {
compositeConfiguration = new CompositeConfiguration("test", new SecurityProvider() {
@@ -69,15 +67,15 @@ public class CompositeConfigurationTest
@Test
public void testEmpty() {
assertSame(ConfigurationParameters.EMPTY, compositeConfiguration.getParameters());
- assertTrue(compositeConfiguration.getConfigurations().isEmpty());
+ assertTrue(getConfigurations().isEmpty());
}
@Test
public void testSetDefaultConfig() {
SecurityConfiguration sc = new SecurityConfiguration.Default();
- compositeConfiguration.setDefaultConfig(sc);
+ setDefault(sc);
- List<SecurityConfiguration> configurations = compositeConfiguration.getConfigurations();
+ List<SecurityConfiguration> configurations = getConfigurations();
assertFalse(configurations.isEmpty());
assertEquals(1, configurations.size());
assertEquals(sc, configurations.iterator().next());
@@ -85,17 +83,17 @@ public class CompositeConfigurationTest
@Test
public void testAddConfiguration() {
- compositeConfiguration.addConfiguration(new SecurityConfiguration.Default());
- compositeConfiguration.addConfiguration(new SecurityConfiguration.Default());
+ addConfiguration(new SecurityConfiguration.Default());
+ addConfiguration(new SecurityConfiguration.Default());
- List<SecurityConfiguration> configurations = compositeConfiguration.getConfigurations();
+ List<SecurityConfiguration> configurations = getConfigurations();
assertFalse(configurations.isEmpty());
assertEquals(2, configurations.size());
SecurityConfiguration def = new SecurityConfiguration.Default();
- compositeConfiguration.setDefaultConfig(def);
+ setDefault(def);
- configurations = compositeConfiguration.getConfigurations();
+ configurations = getConfigurations();
assertEquals(2, configurations.size());
assertFalse(configurations.contains(def));
}
@@ -103,18 +101,18 @@ public class CompositeConfigurationTest
@Test
public void testRemoveConfiguration() {
SecurityConfiguration def = new SecurityConfiguration.Default();
- compositeConfiguration.setDefaultConfig(def);
+ setDefault(def);
SecurityConfiguration sc = new SecurityConfiguration.Default();
- compositeConfiguration.addConfiguration(sc);
+ addConfiguration(sc);
- compositeConfiguration.removeConfiguration(def);
- List configurations = compositeConfiguration.getConfigurations();
+ removeConfiguration(def);
+ List configurations = getConfigurations();
assertEquals(1, configurations.size());
assertEquals(sc, configurations.iterator().next());
- compositeConfiguration.removeConfiguration(sc);
- configurations = compositeConfiguration.getConfigurations();
+ removeConfiguration(sc);
+ configurations = getConfigurations();
assertEquals(1, configurations.size());
assertEquals(def, configurations.iterator().next());
}
@@ -134,36 +132,36 @@ public class CompositeConfigurationTest
assertSame(Context.DEFAULT, def.get(ctx));
SecurityConfiguration sc = new TestConfiguration();
- compositeConfiguration.setDefaultConfig(sc);
+ setDefault(sc);
ctx = compositeConfiguration.getContext();
assertNull(delegatees.get(ctx));
assertSame(sc.getContext(), def.get(ctx));
assertSame(cls, ctx.getClass());
- compositeConfiguration.addConfiguration(sc);
+ addConfiguration(sc);
ctx = compositeConfiguration.getContext();
assertNotSame(sc.getContext(), ctx);
assertEquals(1, ((Context[]) delegatees.get(ctx)).length);
// add configuration that has DEFAULT ctx -> must not be added
SecurityConfiguration defConfig = new SecurityConfiguration.Default();
- compositeConfiguration.addConfiguration(defConfig);
+ addConfiguration(defConfig);
assertEquals(1, ((Context[]) delegatees.get(compositeConfiguration.getContext())).length);
// add same test configuration again -> no duplicate entries
- compositeConfiguration.addConfiguration(sc);
+ addConfiguration(sc);
assertEquals(1, ((Context[]) delegatees.get(compositeConfiguration.getContext())).length);
SecurityConfiguration sc2 = new TestConfiguration();
- compositeConfiguration.addConfiguration(sc2);
+ addConfiguration(sc2);
assertEquals(2, ((Context[]) delegatees.get(compositeConfiguration.getContext())).length);
- compositeConfiguration.removeConfiguration(sc2);
+ removeConfiguration(sc2);
assertEquals(1, ((Context[]) delegatees.get(compositeConfiguration.getContext())).length);
- compositeConfiguration.removeConfiguration(sc);
- compositeConfiguration.removeConfiguration(sc);
- compositeConfiguration.removeConfiguration(defConfig);
+ removeConfiguration(sc);
+ removeConfiguration(sc);
+ removeConfiguration(defConfig);
assertNull(delegatees.get(compositeConfiguration.getContext()));
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/ConfigurationParametersTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/ConfigurationParametersTest.java?rev=1785086&r1=1785085&r2=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/ConfigurationParametersTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/ConfigurationParametersTest.java Thu Mar 2 08:14:35 2017
@@ -31,14 +31,14 @@ import org.junit.After;
import org.junit.Before;
import org.junit.Test;
-import static junit.framework.Assert.assertEquals;
-import static junit.framework.Assert.assertFalse;
-import static junit.framework.Assert.assertNotNull;
-import static junit.framework.Assert.assertNull;
-import static junit.framework.Assert.assertTrue;
-import static junit.framework.Assert.fail;
import static org.junit.Assert.assertArrayEquals;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
public class ConfigurationParametersTest {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java?rev=1785086&r1=1785085&r2=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java Thu Mar 2 08:14:35 2017
@@ -58,12 +58,12 @@ import org.apache.jackrabbit.oak.spi.whi
import org.junit.Test;
import org.mockito.Mockito;
-import static junit.framework.Assert.assertEquals;
-import static junit.framework.Assert.assertNull;
-import static junit.framework.Assert.assertTrue;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
/**
* AbstractLoginModuleTest...
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java?rev=1785086&r1=1785085&r2=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java Thu Mar 2 08:14:35 2017
@@ -16,14 +16,9 @@
*/
package org.apache.jackrabbit.oak.spi.security.authentication.callback;
-import java.util.Map;
-import javax.annotation.CheckForNull;
-import javax.annotation.Nonnull;
-import javax.jcr.Credentials;
-
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertSame;
@@ -33,31 +28,7 @@ public class TokenProviderCallbackTest {
public void testCallback() {
TokenProviderCallback cb = new TokenProviderCallback();
- TokenProvider tp = new TokenProvider() {
-
- @Override
- public boolean doCreateToken(@Nonnull Credentials credentials) {
- throw new UnsupportedOperationException();
- }
-
- @CheckForNull
- @Override
- public TokenInfo createToken(@Nonnull Credentials credentials) {
- throw new UnsupportedOperationException();
- }
-
- @CheckForNull
- @Override
- public TokenInfo createToken(@Nonnull String userId, @Nonnull Map<String, ?> attributes) {
- throw new UnsupportedOperationException();
- }
-
- @CheckForNull
- @Override
- public TokenInfo getTokenInfo(@Nonnull String token) {
- throw new UnsupportedOperationException();
- }
- };
+ TokenProvider tp = Mockito.mock(TokenProvider.class);
cb.setTokenProvider(tp);
assertSame(tp, cb.getTokenProvider());
Copied: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenConfigurationTest.java (from r1784784, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenConfigurationTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenConfigurationTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java&r1=1784784&r2=1785086&rev=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenConfigurationTest.java Thu Mar 2 08:14:35 2017
@@ -14,16 +14,18 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.oak.security.authentication.token;
+package org.apache.jackrabbit.oak.spi.security.authentication.token;
import java.util.List;
+import javax.annotation.Nonnull;
-import org.apache.jackrabbit.oak.security.AbstractCompositeConfigurationTest;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.CompositeTokenConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.CompositeTokenProvider;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.spi.security.AbstractCompositeConfigurationTest;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -32,10 +34,23 @@ import static org.junit.Assert.assertTru
public class CompositeTokenConfigurationTest extends AbstractCompositeConfigurationTest<TokenConfiguration> {
- @Override
+ @Before
public void before() throws Exception {
- super.before();
- compositeConfiguration = new CompositeTokenConfiguration(getSecurityProvider());
+ compositeConfiguration = new CompositeTokenConfiguration(createSecurityProvider());
+ }
+
+ private TokenConfiguration createTokenConfiguration() {
+ return new TestTokenConfig();
+ }
+
+ private SecurityProvider createSecurityProvider() {
+ return Mockito.mock(SecurityProvider.class);
+ }
+
+ @Test
+ public void testEmptyConstructor() {
+ TokenConfiguration composite = new CompositeTokenConfiguration();
+ assertEquals(TokenConfiguration.NAME, composite.getName());
}
@Test
@@ -47,7 +62,7 @@ public class CompositeTokenConfiguration
@Test
public void testSetDefault() {
- TokenConfigurationImpl tc = new TokenConfigurationImpl(getSecurityProvider());
+ TokenConfiguration tc = createTokenConfiguration();
setDefault(tc);
List<TokenConfiguration> configs = getConfigurations();
@@ -59,7 +74,7 @@ public class CompositeTokenConfiguration
assertNotNull(configs);
assertEquals(1, configs.size());
- addConfiguration(new TokenConfigurationImpl(getSecurityProvider()));
+ addConfiguration(createTokenConfiguration());
configs = getConfigurations();
assertNotNull(configs);
assertEquals(2, configs.size());
@@ -67,7 +82,7 @@ public class CompositeTokenConfiguration
@Test
public void testAddConfiguration() {
- TokenConfigurationImpl tc = new TokenConfigurationImpl(getSecurityProvider());
+ TokenConfiguration tc = createTokenConfiguration();
addConfiguration(tc);
List<TokenConfiguration> configs = getConfigurations();
@@ -79,7 +94,7 @@ public class CompositeTokenConfiguration
assertNotNull(configs);
assertEquals(2, configs.size());
- addConfiguration(new TokenConfigurationImpl(getSecurityProvider()));
+ addConfiguration(createTokenConfiguration());
configs = getConfigurations();
assertNotNull(configs);
assertEquals(3, configs.size());
@@ -87,7 +102,7 @@ public class CompositeTokenConfiguration
@Test
public void testRemoveConfiguration() {
- TokenConfiguration tc = new TokenConfigurationImpl(getSecurityProvider());
+ TokenConfiguration tc = createTokenConfiguration();
addConfiguration(tc);
List<TokenConfiguration> configs = getConfigurations();
@@ -104,26 +119,35 @@ public class CompositeTokenConfiguration
public void testGetTokenProvider() {
CompositeTokenConfiguration ctc = (CompositeTokenConfiguration) compositeConfiguration;
+ Root root = Mockito.mock(Root.class);
+
TokenProvider tp = ctc.getTokenProvider(root);
assertNotNull(tp);
assertFalse(tp instanceof CompositeTokenProvider);
- TokenConfiguration tc = new TokenConfigurationImpl(getSecurityProvider());
+ TokenConfiguration tc = createTokenConfiguration();
setDefault(tc);
tp = ctc.getTokenProvider(root);
assertNotNull(tp);
assertFalse(tp instanceof CompositeTokenProvider);
- assertTrue(tp instanceof TokenProviderImpl);
addConfiguration(tc);
tp = ctc.getTokenProvider(root);
assertNotNull(tp);
assertFalse(tp instanceof CompositeTokenProvider);
- assertTrue(tp instanceof TokenProviderImpl);
- addConfiguration(new TokenConfigurationImpl(getSecurityProvider()));
+ addConfiguration(createTokenConfiguration());
tp = ctc.getTokenProvider(root);
assertNotNull(tp);
assertTrue(tp instanceof CompositeTokenProvider);
}
+
+ private static final class TestTokenConfig extends ConfigurationBase implements TokenConfiguration {
+
+ @Nonnull
+ @Override
+ public TokenProvider getTokenProvider(Root root) {
+ return Mockito.mock(TokenProvider.class);
+ }
+ }
}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java?rev=1785086&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java Thu Mar 2 08:14:35 2017
@@ -0,0 +1,157 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.token;
+
+import java.util.Map;
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import javax.jcr.Credentials;
+import javax.jcr.GuestCredentials;
+import javax.jcr.SimpleCredentials;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
+
+public class CompositeTokenProviderTest {
+
+ private static final String TOKEN = "t";
+ private TokenInfo info;
+
+ private TokenProvider composite;
+
+ @Before
+ public void before() {
+ info = Mockito.mock(TokenInfo.class);
+ Mockito.when(info.getToken()).thenReturn(TOKEN);
+
+ TokenProvider tp1 = Mockito.mock(TokenProvider.class);
+ TokenProvider tp2 = new TestTokenProvider();
+
+ composite = CompositeTokenProvider.newInstance(tp1, tp2);
+ }
+
+ @Test
+ public void testNullProvider() {
+ TokenProvider tp = CompositeTokenProvider.newInstance();
+
+ assertSame(tp, CompositeTokenProvider.newInstance(ImmutableList.<TokenProvider>of()));
+
+ Credentials creds = new Credentials() {};
+
+ assertFalse(tp.doCreateToken(null));
+ assertFalse(tp.doCreateToken(creds));
+
+ assertNull(tp.createToken(null, null));
+ assertNull(tp.createToken("userID", ImmutableMap.<String, String>of()));
+
+ assertNull(tp.createToken(null));
+ assertNull(tp.createToken(creds));
+
+ assertNull(tp.getTokenInfo(null));
+ assertNull(tp.getTokenInfo("anyString"));
+ }
+
+ @Test
+ public void testSingleProvider() {
+ TokenProvider base = Mockito.mock(TokenProvider.class);
+
+ TokenProvider tp = CompositeTokenProvider.newInstance(base);
+
+ assertSame(base, tp);
+ assertSame(base, CompositeTokenProvider.newInstance(ImmutableList.of(base)));
+ }
+
+ @Test
+ public void testCreateCompositeProvider() {
+ assertTrue(composite instanceof CompositeTokenProvider);
+ }
+
+ @Test
+ public void testCreateCompositeProviderFromList() {
+ TokenProvider base = Mockito.mock(TokenProvider.class);
+ TokenProvider tp = CompositeTokenProvider.newInstance(ImmutableList.of(base, base));
+ assertTrue(tp instanceof CompositeTokenProvider);
+ }
+
+ @Test
+ public void testDoCreateToken() {
+ assertTrue(composite.doCreateToken(new SimpleCredentials("id", new char[0])));
+ assertFalse(composite.doCreateToken(new GuestCredentials()));
+ assertFalse(composite.doCreateToken(new Credentials() {}));
+ }
+
+ @Test
+ public void testCreateTokenFromCredentials() {
+ assertSame(info, composite.createToken(new SimpleCredentials("id", new char[0])));
+ assertNull(composite.createToken(new GuestCredentials()));
+ assertNull(composite.createToken(new Credentials() {
+ }));
+ }
+
+ @Test(expected = UnsupportedOperationException.class)
+ public void testCreateTokenFromId() {
+ composite.createToken("id", ImmutableMap.<String, Object>of());
+ }
+
+ @Test
+ public void testGetTokenInfo() {
+ assertSame(info, composite.getTokenInfo(TOKEN));
+ assertNull(composite.getTokenInfo("any"));
+ }
+
+ private final class TestTokenProvider implements TokenProvider {
+ @Override
+ public boolean doCreateToken(@Nonnull Credentials credentials) {
+ return credentials instanceof SimpleCredentials;
+ }
+
+ @CheckForNull
+ @Override
+ public TokenInfo createToken(@Nonnull Credentials credentials) {
+ if (credentials instanceof SimpleCredentials) {
+ return info;
+ } else {
+ return null;
+ }
+ }
+
+ @CheckForNull
+ @Override
+ public TokenInfo createToken(@Nonnull String userId, @Nonnull Map<String, ?> attributes) {
+ throw new UnsupportedOperationException();
+
+ }
+
+ @CheckForNull
+ @Override
+ public TokenInfo getTokenInfo(@Nonnull String token) {
+ if (TOKEN.equals(token)) {
+ return info;
+ } else {
+ return null;
+ }
+ }
+ };
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAuthorizationConfigurationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAuthorizationConfigurationTest.java?rev=1785086&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAuthorizationConfigurationTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAuthorizationConfigurationTest.java Thu Mar 2 08:14:35 2017
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization;
+
+import java.security.Principal;
+
+import com.google.common.collect.ImmutableSet;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.authorization.permission.OpenPermissionProvider;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertSame;
+
+public class OpenAuthorizationConfigurationTest {
+
+ private final OpenAuthorizationConfiguration config = new OpenAuthorizationConfiguration();
+
+ @Test(expected = UnsupportedOperationException.class)
+ public void testGetAccessControlManager() {
+ config.getAccessControlManager(Mockito.mock(Root.class), NamePathMapper.DEFAULT);
+ }
+
+ @Test(expected = UnsupportedOperationException.class)
+ public void testGetRestrictionProvider() {
+ config.getRestrictionProvider();
+ }
+
+ @Test
+ public void testGetPermissionProvider() {
+ assertSame(OpenPermissionProvider.getInstance(), config.getPermissionProvider(Mockito.mock(Root.class), "default", ImmutableSet.<Principal>of()));
+ }
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java?rev=1785086&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java Thu Mar 2 08:14:35 2017
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization.restriction;
+
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertTrue;
+
+public class EmptyPatternTest {
+
+ @Test
+ public void testMatches() {
+ assertTrue(RestrictionPattern.EMPTY.matches());
+ }
+
+ @Test
+ public void testMatchesPath() {
+ assertTrue(RestrictionPattern.EMPTY.matches("/any/path"));
+ }
+
+ @Test
+ public void testMatchesTree() {
+ assertTrue(RestrictionPattern.EMPTY.matches(Mockito.mock(Tree.class), null));
+ }
+
+ @Test
+ public void testMatchesProperty() {
+ assertTrue(RestrictionPattern.EMPTY.matches(Mockito.mock(Tree.class), Mockito.mock(PropertyState.class)));
+ }
+
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyRestrictionProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyRestrictionProviderTest.java?rev=1785086&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyRestrictionProviderTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyRestrictionProviderTest.java Thu Mar 2 08:14:35 2017
@@ -0,0 +1,87 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization.restriction;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import javax.jcr.security.AccessControlException;
+
+import com.google.common.collect.ImmutableSet;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
+
+public class EmptyRestrictionProviderTest {
+
+ @Test
+ public void testGetSupportedRestrictions() {
+ assertTrue(RestrictionProvider.EMPTY.getSupportedRestrictions(null).isEmpty());
+ assertTrue(RestrictionProvider.EMPTY.getSupportedRestrictions("/any/path").isEmpty());
+ }
+
+ @Test(expected = AccessControlException.class)
+ public void testCreateRestrictionSingleValue() throws RepositoryException {
+ Value v = Mockito.mock(Value.class);
+ RestrictionProvider.EMPTY.createRestriction(null, "name", v);
+ }
+
+ @Test(expected = AccessControlException.class)
+ public void testCreateRestrictionMvValues() throws RepositoryException {
+ Value v = Mockito.mock(Value.class);
+ RestrictionProvider.EMPTY.createRestriction(null, "name", v, v);
+ }
+
+ @Test(expected = AccessControlException.class)
+ public void testCreateRestrictionEmptyValues() throws RepositoryException {
+ RestrictionProvider.EMPTY.createRestriction(null, "name");
+ }
+
+ @Test
+ public void testReadRestrictions() {
+ assertTrue(RestrictionProvider.EMPTY.readRestrictions(null, Mockito.mock(Tree.class)).isEmpty());
+ assertTrue(RestrictionProvider.EMPTY.readRestrictions("/any/path", Mockito.mock(Tree.class)).isEmpty());
+ }
+
+ @Test
+ public void testWriteRestrictions() throws Exception {
+ Restriction r = Mockito.mock(Restriction.class);
+ RestrictionProvider.EMPTY.writeRestrictions(null, Mockito.mock(Tree.class), ImmutableSet.of(r));
+ RestrictionProvider.EMPTY.writeRestrictions("/any/path", Mockito.mock(Tree.class), ImmutableSet.of(r));
+ }
+
+ @Test
+ public void testValidateRestrictions() throws Exception {
+ RestrictionProvider.EMPTY.validateRestrictions(null, Mockito.mock(Tree.class));
+ RestrictionProvider.EMPTY.validateRestrictions("/any/path", Mockito.mock(Tree.class));
+ }
+
+ @Test
+ public void testGetPattern() {
+ Restriction r = Mockito.mock(Restriction.class);
+ assertSame(RestrictionPattern.EMPTY, RestrictionProvider.EMPTY.getPattern(null, ImmutableSet.of(r)));
+ assertSame(RestrictionPattern.EMPTY, RestrictionProvider.EMPTY.getPattern("/any/path", ImmutableSet.of(r)));
+ }
+
+ @Test
+ public void testGetPatternFromTree() {
+ assertSame(RestrictionPattern.EMPTY, RestrictionProvider.EMPTY.getPattern(null, Mockito.mock(Tree.class)));
+ assertSame(RestrictionPattern.EMPTY, RestrictionProvider.EMPTY.getPattern("/any/path", Mockito.mock(Tree.class)));
+ }
+}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java?rev=1785086&r1=1785085&r2=1785086&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java Thu Mar 2 08:14:35 2017
@@ -23,6 +23,7 @@ import java.util.List;
import java.util.Map;
import java.util.Random;
+import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
@@ -33,6 +34,7 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
@@ -98,10 +100,16 @@ public class PrivilegeBitsTest extends A
}
@Test
- public void testNextBits() {
+ public void testNextBitsFromEmpty() {
// empty
assertSame(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY.nextBits());
+ PrivilegeBits bits = PrivilegeBits.getInstance().unmodifiable();
+ assertSame(bits, bits.nextBits());
+ }
+
+ @Test
+ public void testNextBits() {
// long based privilege bits
PrivilegeBits pb = READ_NODES_PRIVILEGE_BITS;
long l = getLongValue(pb);
@@ -154,6 +162,18 @@ public class PrivilegeBitsTest extends A
}
@Test
+ public void testModifiable() {
+ assertNotSame(PrivilegeBits.EMPTY, PrivilegeBits.EMPTY.modifiable());
+
+ // other privilege bits
+ PrivilegeBits mod = PrivilegeBits.getInstance(READ_NODES_PRIVILEGE_BITS);
+
+ assertSame(mod, mod.modifiable());
+ assertNotSame(mod, mod.unmodifiable());
+ assertNotEquals(mod, mod.unmodifiable());
+ }
+
+ @Test
public void testIncludes() {
// empty
assertTrue(PrivilegeBits.EMPTY.includes(PrivilegeBits.EMPTY));
@@ -619,6 +639,44 @@ public class PrivilegeBitsTest extends A
}
@Test
+ public void testGetInstanceFromMvPropertyState() {
+ PropertyState property = PropertyStates.createProperty("name", ImmutableSet.of(Long.MAX_VALUE, Long.MIN_VALUE / 2), Type.LONGS);
+
+ PrivilegeBits pb = PrivilegeBits.getInstance(property);
+
+ assertEquivalent(pb, PrivilegeBits.getInstance(property));
+ assertSame(pb, pb.unmodifiable());
+
+ assertEquivalent(pb, PrivilegeBits.getInstance(pb));
+ assertEquivalent(PrivilegeBits.getInstance(pb), pb);
+ assertNotSame(pb, PrivilegeBits.getInstance(pb));
+
+ try {
+ pb.add(READ_NODES_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ try {
+ pb.addDifference(READ_NODES_PRIVILEGE_BITS, READ_NODES_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ try {
+ pb.diff(READ_NODES_PRIVILEGE_BITS);
+ fail("UnsupportedOperation expected");
+ } catch (UnsupportedOperationException e) {
+ // success
+ }
+ }
+
+ @Test
+ public void testGetInstanceFromNullPropertyState() {
+ assertSame(PrivilegeBits.EMPTY, PrivilegeBits.getInstance((PropertyState) null));
+ }
+
+ @Test
public void testGetInstanceFromTree() {
Tree privRoot = root.getTree(PRIVILEGES_PATH);
try {
@@ -640,6 +698,11 @@ public class PrivilegeBitsTest extends A
}
@Test
+ public void testGetInstanceFromNullTree() {
+ assertSame(PrivilegeBits.EMPTY, PrivilegeBits.getInstance((Tree) null));
+ }
+
+ @Test
public void testCalculatePermissions() {
PrivilegeBitsProvider provider = new PrivilegeBitsProvider(root);
@@ -684,6 +747,11 @@ public class PrivilegeBitsTest extends A
PrivilegeBits all = provider.getBits(JCR_ALL);
assertFalse(Permissions.ALL == PrivilegeBits.calculatePermissions(all, PrivilegeBits.EMPTY, true));
assertTrue(Permissions.ALL == PrivilegeBits.calculatePermissions(all, all, true));
+ }
+
+ @Test
+ public void testCalculatePermissionsParentAwareAllow() {
+ PrivilegeBitsProvider provider = new PrivilegeBitsProvider(root);
// parent aware permissions
// a) jcr:addChildNodes
@@ -705,4 +773,38 @@ public class PrivilegeBitsTest extends A
assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, remove, true));
assertTrue(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(remove, remove, true));
}
+
+ @Test
+ public void testCalculatePermissionsParentAwareDeny() {
+ PrivilegeBitsProvider provider = new PrivilegeBitsProvider(root);
+
+ // parent aware permissions
+ // a) jcr:addChildNodes
+ PrivilegeBits addChild = provider.getBits(JCR_ADD_CHILD_NODES);
+ assertNotEquals(Permissions.ADD_NODE, PrivilegeBits.calculatePermissions(addChild, PrivilegeBits.EMPTY, false));
+ assertEquals(Permissions.ADD_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, addChild, false));
+
+ // b) jcr:removeChildNodes and jcr:removeNode
+ PrivilegeBits removeChild = provider.getBits(JCR_REMOVE_CHILD_NODES);
+ assertEquals(Permissions.NO_PERMISSION, PrivilegeBits.calculatePermissions(removeChild, PrivilegeBits.EMPTY, false));
+ assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, removeChild, false));
+
+ PrivilegeBits removeNode = provider.getBits(JCR_REMOVE_NODE);
+ assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(removeNode, PrivilegeBits.EMPTY, false));
+ assertNotEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, removeNode, false));
+
+ PrivilegeBits remove = provider.getBits(JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE);
+ assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(remove, PrivilegeBits.EMPTY, false));
+ assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, remove, false));
+ assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(remove, remove, false));
+ }
+
+ @Test
+ public void testEquals() {
+ assertEquals(READ_NODES_PRIVILEGE_BITS, READ_NODES_PRIVILEGE_BITS);
+ assertEquals(READ_NODES_PRIVILEGE_BITS, PrivilegeBits.getInstance(READ_NODES_PRIVILEGE_BITS).unmodifiable());
+
+ assertNotEquals(READ_NODES_PRIVILEGE_BITS, PrivilegeBits.getInstance(READ_NODES_PRIVILEGE_BITS));
+ assertNotEquals(PrivilegeBits.getInstance(READ_NODES_PRIVILEGE_BITS), READ_NODES_PRIVILEGE_BITS);
+ }
}
\ No newline at end of file