You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-commits@jackrabbit.apache.org by ju...@apache.org on 2013/11/26 21:05:29 UTC

svn commit: r1545807 - /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java

Author: jukka
Date: Tue Nov 26 20:05:29 2013
New Revision: 1545807

URL: http://svn.apache.org/r1545807
Log:
OAK-928: Read access is enforced on NEW items

Make the special nature of transient changes more obvious:
It's possible to commit content that you only have write access to;
and in that case the content would appear to disappear after the commit!

Modified:
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java?rev=1545807&r1=1545806&r2=1545807&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java Tue Nov 26 20:05:29 2013
@@ -64,24 +64,23 @@ public class ShadowInvisibleContentTest 
     public void testShadowInvisibleProperty() throws Exception {
         setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_ALL);
         setupPermission("/a", testPrincipal, false, PrivilegeConstants.REP_READ_PROPERTIES);
-        setupPermission("/a", testPrincipal, false, PrivilegeConstants.REP_ALTER_PROPERTIES);
 
         Root testRoot = getTestRoot();
         Tree a = testRoot.getTree("/a");
 
         // /a/x not visible to this session
         assertNull(a.getProperty("aProp"));
+        assertFalse(a.hasProperty("aProp"));
 
         // shadow /a/x with transient property of the same name
         a.setProperty("aProp", "aValue1");
         assertNotNull(a.getProperty("aProp"));
+        assertTrue(a.hasProperty("aProp"));
 
-        try {
-            testRoot.commit();
-            fail();
-        } catch (CommitFailedException e) {
-            assertTrue(e.isAccessViolation());
-        }
+        // after commit() normal access control again takes over!
+        testRoot.commit(); // does not fail since only read access is denied
+        assertNull(a.getProperty("aProp"));
+        assertFalse(a.hasProperty("aProp"));
     }
 
     @Test