You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2014/02/03 14:14:18 UTC
svn commit: r1563874 - in /jackrabbit/oak/trunk:
oak-doc/src/site/markdown/differences_permission.md
oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveReferenceableTest.java
Author: angela
Date: Mon Feb 3 13:14:17 2014
New Revision: 1563874
URL: http://svn.apache.org/r1563874
Log:
OAK-710 : PermissionValidator: Proper permission evaluation for moving/renaming nodes (wip)
Added:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveReferenceableTest.java
- copied, changed from r1562891, jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveTest.java
Modified:
jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_permission.md
Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_permission.md
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_permission.md?rev=1563874&r1=1563873&r2=1563874&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_permission.md (original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/differences_permission.md Mon Feb 3 13:14:17 2014
@@ -78,7 +78,29 @@ as it was present in Jackrabbit 2.x (ren
the child collection of the parent node).
##### Move
-_TODO: permission evaluation with move is not yet implemented [OAK-710]_
+Due to the nature of the diff mechanism in Oak it is no longer possible to treat
+move operations the same way as it was implemented in Jackrabbit 2.x. The current
+permission evaluation attempts to provide a best-effort handling to achieve a
+similar behavior that it was present in Jackrabbit 2.x.
+
+The current implementation has the following limitations with respect to multiple
+move operations within a given set of transient operations:
+
+- Move operations that replace an node that has been moved away will not be
+detected as modification by the diff mechanism and regular permission checks for
+on the subtree will be performed.
+- Moving an ancestor of a node that has been moved will only detect the second
+move and will enforce regular permissions checks on the child that has been moved
+in a first step.
+
+For API consumers and applications running on Jackrabbit Oak this means that
+combinations of multiple moves can not always be properly resolved. Consequently
+permissions will be evaluated as if the modifications did not include move
+(in general being more restrictive): If the move leads to changes that are detected
+by the diff mechanism, regular permissions will be evaluated for all items that
+appear to be added, removed or modified, while a regular move operations just
+requires `REMOVE_NODE` permission on the source, `ADD_NODE` and `NODE_TYPE_MANAGEMENT`
+permissions at the destination.
##### Copy
_TODO: permission evaluation with copy is not yet implemented [OAK-920]_
Copied: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveReferenceableTest.java (from r1562891, jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveReferenceableTest.java?p2=jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveReferenceableTest.java&p1=jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveTest.java&r1=1562891&r2=1563874&rev=1563874&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/SessionMoveReferenceableTest.java Mon Feb 3 13:14:17 2014
@@ -16,531 +16,25 @@
*/
package org.apache.jackrabbit.oak.jcr.security.authorization;
-import javax.jcr.AccessDeniedException;
import javax.jcr.Node;
-import javax.jcr.Property;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.security.Privilege;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
-import org.apache.jackrabbit.util.Text;
-import org.junit.Test;
+import org.apache.jackrabbit.JcrConstants;
/**
- * Permission evaluation tests for move operations.
+ * Permission evaluation tests for session move operations for referenceable nodes.
*/
-public class SessionMoveTest extends AbstractMoveTest {
-
- protected void move(String source, String dest) throws RepositoryException {
- move(source, dest, testSession);
- }
+public class SessionMoveReferenceableTest extends SessionMoveTest {
@Override
- protected void move(String source, String dest, Session session) throws RepositoryException {
- session.move(source, dest);
- session.save();
- }
-
- private void setupMovePermissions() throws Exception {
- allow(path, privilegesFromNames(new String[]{
- Privilege.JCR_REMOVE_NODE,
- Privilege.JCR_REMOVE_CHILD_NODES
- }));
- allow(siblingPath, privilegesFromNames(new String[] {
- Privilege.JCR_ADD_CHILD_NODES,
- Privilege.JCR_NODE_TYPE_MANAGEMENT}));
-
- }
-
- @Test
- public void testMoveAndRemoveSubTree() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(siblingPath, privilegesFromNames(new String[]{
- Privilege.JCR_ADD_CHILD_NODES,
- Privilege.JCR_NODE_TYPE_MANAGEMENT}));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node moved = testSession.getNode(siblingDestPath);
- Node child = moved.getNode(nodeName3);
-
- try {
- child.remove();
- testSession.save();
- fail("Removing subtree after move requires 'jcr:removeNode' privilege on the target");
- } catch (AccessDeniedException e) {
- // success
-
- }
- }
-
- @Test
- public void testMoveAndRemoveSubTree2() throws Exception {
- allow(path, privilegesFromNames(new String[] {
- Privilege.JCR_REMOVE_CHILD_NODES,
- Privilege.JCR_REMOVE_NODE}));
- allow(siblingPath, privilegesFromNames(new String[]{
- Privilege.JCR_ADD_CHILD_NODES,
- Privilege.JCR_NODE_TYPE_MANAGEMENT}));
- deny(testSession.getNode(nodePath3).getPath(), privilegesFromName(Privilege.JCR_REMOVE_NODE));
-
- try {
- testSession.move(childNPath, siblingDestPath);
-
- Node moved = testSession.getNode(siblingDestPath);
- Node child = moved.getNode(nodeName3);
-
- child.remove();
- testSession.save();
- fail("Removing subtree after move requires 'jcr:removeNode' on the removed child.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndRemoveSubTree3() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node moved = testSession.getNode(siblingDestPath);
- Node child = moved.getNode(nodeName3);
- child.remove();
-
- testSession.save();
- }
-
- @Test
- public void testMoveRemoveSubTreeWithRestriction() throws Exception {
- /* allow READ/WRITE privilege for testUser at 'path' */
- allow(path, testUser.getPrincipal(), readWritePrivileges);
- /* deny REMOVE_NODE privileges at subtree. */
- deny(path, privilegesFromName(PrivilegeConstants.JCR_REMOVE_NODE), createGlobRestriction("*/"+nodeName3));
-
- assertTrue(testSession.nodeExists(childNPath));
- assertTrue(testSession.hasPermission(childNPath, Session.ACTION_REMOVE));
- assertTrue(testSession.hasPermission(childNPath2, Session.ACTION_ADD_NODE));
-
- testSession.move(childNPath, childNPath2 + "/dest");
- Node dest = testSession.getNode(childNPath2 + "/dest");
- dest.getNode(nodeName3).remove();
-
- try {
- testSession.save();
- fail("Removing child node must be denied.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveRemoveSubTreeWithRestriction2() throws Exception {
- /* allow READ/WRITE privilege for testUser at 'path' */
- allow(path, testUser.getPrincipal(), readWritePrivileges);
- /* deny REMOVE_NODE privileges at subtree. */
- deny(path, privilegesFromName(PrivilegeConstants.JCR_REMOVE_CHILD_NODES), createGlobRestriction("*/" + Text.getName(childNPath)));
-
- assertTrue(testSession.nodeExists(childNPath));
- assertTrue(testSession.hasPermission(childNPath, Session.ACTION_REMOVE));
- assertTrue(testSession.hasPermission(childNPath2, Session.ACTION_ADD_NODE));
-
- testSession.move(childNPath, childNPath2 + "/dest");
- Node dest = testSession.getNode(childNPath2 + "/dest");
- dest.getNode(nodeName3).remove();
-
- try {
- testSession.save();
- fail("Removing child node must be denied.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddSubTree() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node moved = testSession.getNode(siblingDestPath);
- Node child = moved.getNode(nodeName3);
- child.addNode(nodeName4);
-
- try {
- testSession.save();
- fail("Adding child node at moved node must be denied: no add_child_node privilege at original location.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddSubTree2() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
- allow(nodePath3, privilegesFromName(Privilege.JCR_ADD_CHILD_NODES));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node moved = testSession.getNode(siblingDestPath);
- Node child = moved.getNode(nodeName3);
- child.addNode(nodeName4);
-
- testSession.save();
- }
-
- @Test
- public void testMoveAndAddSubTree3() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromNames(new String[] {
- Privilege.JCR_REMOVE_NODE, Privilege.JCR_ADD_CHILD_NODES
- }));
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node moved = testSession.getNode(siblingDestPath);
- Node child = moved.getNode(nodeName3);
- child.addNode(nodeName4);
-
- testSession.save();
- }
-
- @Test
- public void testMoveAddSubTreeWithRestriction() throws Exception {
- /* allow READ/WRITE privilege for testUser at 'path' */
- allow(path, testUser.getPrincipal(), readWritePrivileges);
- /* deny ADD_CHILD_NODES privileges at subtree. */
- deny(path, privilegesFromName(PrivilegeConstants.JCR_ADD_CHILD_NODES), createGlobRestriction("*/"+nodeName3));
-
- testSession.move(childNPath, childNPath2 + "/dest");
- Node dest = testSession.getNode(childNPath2 + "/dest");
- dest.getNode(nodeName3).addNode(nodeName4);
-
- try {
- testSession.save();
- fail("Adding child node must be denied.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddAtSourceParent() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
- allow(siblingPath, privilegesFromNames(new String[]{
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node sourceParent = testSession.getNode(path);
- sourceParent.addNode(nodeName4);
-
- try {
- testSession.save();
- fail("Adding child node at source parent be denied: missing add_child_node privilege.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddAtSourceParent2() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
- allow(nodePath3, privilegesFromName(Privilege.JCR_ADD_CHILD_NODES));
-
- testSession.move(childNPath, siblingDestPath);
+ protected void setUp() throws Exception {
+ super.setUp();
- Node sourceParent = testSession.getNode(path);
- sourceParent.addNode(nodeName4);
-
- try {
- testSession.save();
- fail("Adding child node at source parent be denied: missing add_child_node privilege.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddAtSourceParent3() throws Exception {
- allow(path, privilegesFromNames(new String[]{
- Privilege.JCR_REMOVE_CHILD_NODES, Privilege.JCR_ADD_CHILD_NODES
- }));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
- allow(siblingPath, privilegesFromNames(new String[]{
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(childNPath, siblingDestPath);
-
- Node sourceParent = testSession.getNode(path);
- sourceParent.addNode(nodeName4);
-
- testSession.save();
- }
-
- @Test
- public void testMoveAndAddReplacementAtSource() throws Exception {
- allow(path, privilegesFromNames(new String[]{
- Privilege.JCR_REMOVE_CHILD_NODES, Privilege.JCR_ADD_CHILD_NODES
- }));
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(nodePath3, siblingDestPath);
-
- Node sourceParent = testSession.getNode(childNPath);
- Node replacement = sourceParent.addNode(Text.getName(nodePath3));
- replacement.setProperty("movedProp", "val");
-
- try {
- testSession.save();
- fail("Missing ADD_NODE and ADD_PROPERTY permission on source parent.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddReplacementAtSource2() throws Exception {
- allow(siblingPath, privilegesFromNames(new String[] {
- PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT
- }));
-
- testSession.move(nodePath3, siblingDestPath);
-
- Node sourceParent = testSession.getNode(childNPath);
- Node replacement = sourceParent.addNode(Text.getName(nodePath3));
- replacement.setProperty("movedProp", "val");
-
- try {
- testSession.save();
- fail("Missing REMOVE_NODE permission for move source.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddProperty() throws Exception {
- setupMovePermissions();
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- Property p = destNode.setProperty("newProp", "val");
- try {
- testSession.save();
- fail("Missing ADD_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddProperty2() throws Exception {
- setupMovePermissions();
- allow(childNPath, privilegesFromName(PrivilegeConstants.REP_ADD_PROPERTIES));
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- Property p = destNode.setProperty("newProp", "val");
- // now save must succeed
- testSession.save();
- }
-
- @Test
- public void testMoveAndModifyProperty() throws Exception {
- setupMovePermissions();
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- destNode.setProperty("movedProp", "modified");
- try {
- testSession.save();
- fail("Missing MODIFY_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndModifyProperty2() throws Exception {
- setupMovePermissions();
- allow(siblingPath, privilegesFromName(PrivilegeConstants.REP_ALTER_PROPERTIES));
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- destNode.setProperty("movedProp", "modified");
- try {
- testSession.save();
- fail("Missing MODIFY_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndModifyProperty3() throws Exception {
- setupMovePermissions();
- allow(childNPath, privilegesFromName(PrivilegeConstants.REP_ALTER_PROPERTIES));
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- destNode.setProperty("movedProp", "modified");
- }
-
- @Test
- public void testMoveAndRemoveProperty() throws Exception {
- setupMovePermissions();
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- destNode.getProperty("movedProp").remove();
- try {
- testSession.save();
- fail("Missing REMOVE_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndRemoveProperty2() throws Exception {
- allow(path, privilegesFromNames(new String[]{
- Privilege.JCR_REMOVE_NODE,
- Privilege.JCR_REMOVE_CHILD_NODES,
- PrivilegeConstants.REP_REMOVE_PROPERTIES
- }));
- allow(siblingPath, privilegesFromNames(new String[] {
- Privilege.JCR_ADD_CHILD_NODES,
- Privilege.JCR_NODE_TYPE_MANAGEMENT}));
-
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- destNode.getProperty("movedProp").remove();
- testSession.save();
- }
-
- @Test
- public void testMoveAndAddPropertyAtSource() throws Exception {
- setupMovePermissions();
-
- testSession.move(nodePath3, siblingDestPath);
- Node n = testSession.getNode(childNPath);
- Property p = n.setProperty("newProp", "val");
- try {
- testSession.save();
- fail("Missing ADD_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndAddPropertyAtSource2() throws Exception {
- setupMovePermissions();
- allow(childNPath, privilegesFromName(PrivilegeConstants.REP_ADD_PROPERTIES));
-
- testSession.move(nodePath3, siblingDestPath);
- Node n = testSession.getNode(childNPath);
- Property p = n.setProperty("newProp", "val");
- testSession.save();
- }
-
- @Test
- public void testMoveAndModifyPropertyAtSource() throws Exception {
- setupMovePermissions();
-
- testSession.move(nodePath3, siblingDestPath);
- Node n = testSession.getNode(childNPath);
- assertTrue(n.hasProperty(propertyName1));
- n.setProperty(propertyName1, "modified");
- try {
- testSession.save();
- fail("Missing MODIFY_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
-
- allow(childNPath, privilegesFromName(PrivilegeConstants.REP_ALTER_PROPERTIES));
- testSession.save();
- }
-
- @Test
- public void testMoveAndModifyPropertyAtSource2() throws Exception {
- setupMovePermissions();
- allow(childNPath, privilegesFromName(PrivilegeConstants.REP_ALTER_PROPERTIES));
-
- testSession.move(nodePath3, siblingDestPath);
- Node n = testSession.getNode(childNPath);
- assertTrue(n.hasProperty(propertyName1));
- n.setProperty(propertyName1, "modified");
- testSession.save();
- }
-
- @Test
- public void testMoveAndRemovePropertyAtSource() throws Exception {
- setupMovePermissions();
-
- testSession.move(nodePath3, siblingDestPath);
- Node n = testSession.getNode(childNPath);
- assertTrue(n.hasProperty(propertyName1));
- n.getProperty(propertyName1).remove();
- try {
- testSession.save();
- fail("Missing REMOVE_PROPERTY permission.");
- } catch (AccessDeniedException e) {
- // success
- }
- }
-
- @Test
- public void testMoveAndRemovePropertyAtSource2() throws Exception {
- setupMovePermissions();
- allow(childNPath, privilegesFromName(PrivilegeConstants.REP_REMOVE_PROPERTIES));
-
- testSession.move(nodePath3, siblingDestPath);
- Node n = testSession.getNode(childNPath);
- assertTrue(n.hasProperty(propertyName1));
- n.getProperty(propertyName1).remove();
- testSession.save();
- }
+ Node n = superuser.getNode(childNPath);
+ n.addMixin(JcrConstants.MIX_REFERENCEABLE);
- /**
- * Moving and removing the moved node at destination should be treated like
- * a simple removal at the original position.
- */
- @Test
- public void testMoveAndRemoveDestination() throws Exception {
- allow(path, privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES));
- allow(childNPath, privilegesFromName(Privilege.JCR_REMOVE_NODE));
+ n = superuser.getNode(nodePath3);
+ n.addMixin(JcrConstants.MIX_REFERENCEABLE);
- testSession.move(nodePath3, siblingDestPath);
- Node destNode = testSession.getNode(siblingDestPath);
- destNode.remove();
- testSession.save();
+ superuser.save();
}
}