You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/05/15 00:08:32 UTC
svn commit: r1482617 - in /jackrabbit/oak/trunk/oak-jcr: pom.xml
src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java
Author: angela
Date: Tue May 14 22:08:32 2013
New Revision: 1482617
URL: http://svn.apache.org/r1482617
Log:
OAK-527: permissions (uncomment version tests that pass with latest changes to version mgt, minor improvement to ntmgt test)
Modified:
jackrabbit/oak/trunk/oak-jcr/pom.xml
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java
Modified: jackrabbit/oak/trunk/oak-jcr/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/pom.xml?rev=1482617&r1=1482616&r2=1482617&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-jcr/pom.xml Tue May 14 22:08:32 2013
@@ -293,7 +293,6 @@
org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlImporterTest#testImportACLRemoveACE <!-- OAK-414 -->
org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlImporterTest#testImportACLUnknown <!-- OAK-414 -->
org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlImporterTest#testImportPolicyExists <!-- OAK-414 -->
- org.apache.jackrabbit.oak.jcr.security.user.MemberNodeImportTest <!-- OAK-414, OAK-482 -->
org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlManagementTest#testRemoveMixin <!-- OAK-767 -->
org.apache.jackrabbit.oak.jcr.security.authorization.NodeTypeManagementTest#testRemoveMixin <!-- OAK-767 -->
@@ -302,6 +301,13 @@
org.apache.jackrabbit.oak.jcr.security.authorization.NodeTypeManagementTest#testWorkspaceMove <!-- OAK-711 -->
org.apache.jackrabbit.oak.jcr.security.authorization.NodeTypeManagementTest#testSessionMove <!-- OAK-711 -->
org.apache.jackrabbit.oak.jcr.security.authorization.NodeTypeManagementTest#testWorkspaceImportXML <!-- OAK-773 -->
+
+ org.apache.jackrabbit.oak.jcr.security.authorization.VersionManagementTest#testRemoveVersion <!-- OAK-168 -->
+ org.apache.jackrabbit.oak.jcr.security.authorization.VersionManagementTest#testRemoveVersion2 <!-- OAK-168 -->
+ org.apache.jackrabbit.oak.jcr.security.authorization.VersionManagementTest#testRemoveVersion3 <!-- OAK-168 -->
+ org.apache.jackrabbit.oak.jcr.security.authorization.VersionManagementTest#testAddVersionLabel <!-- OAK-168 -->
+
+ org.apache.jackrabbit.oak.jcr.security.user.MemberNodeImportTest <!-- OAK-414, OAK-482 -->
org.apache.jackrabbit.oak.jcr.security.user.UserImportTest#testImportGroupIntoUsersTree <!-- OAK-821 -->
</known.issues>
</properties>
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java?rev=1482617&r1=1482616&r2=1482617&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java Tue May 14 22:08:32 2013
@@ -24,24 +24,22 @@ import javax.jcr.RepositoryException;
import javax.jcr.Workspace;
import javax.jcr.security.AccessControlPolicy;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
/**
- * Permission evaluation tests related to {@link #JCR_NAMESPACE_MANAGEMENT} privilege.
+ * Permission evaluation tests related to {@link PrivilegeConstants#JCR_NAMESPACE_MANAGEMENT} privilege.
*/
public class NamespaceManagementTest extends AbstractEvaluationTest {
- // TODO: replace with JCR privilege constant (JSR-333)
- private static final String JCR_NAMESPACE_MANAGEMENT = "jcr:namespaceManagement";
-
@Override
@Before
protected void setUp() throws Exception {
super.setUp();
- assertHasRepoPrivilege(JCR_NAMESPACE_MANAGEMENT, false);
+ assertHasRepoPrivilege(PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT, false);
}
@Override
@@ -92,21 +90,21 @@ public class NamespaceManagementTest ext
@Test
public void testModifyNamespaceWithPrivilege() throws Exception {
- modify(null, JCR_NAMESPACE_MANAGEMENT.toString(), true);
- assertHasRepoPrivilege(JCR_NAMESPACE_MANAGEMENT, true);
+ modify(null, PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT.toString(), true);
+ assertHasRepoPrivilege(PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT, true);
- modify(null, JCR_NAMESPACE_MANAGEMENT.toString(), false);
- assertHasRepoPrivilege(JCR_NAMESPACE_MANAGEMENT, false);
+ modify(null, PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT.toString(), false);
+ assertHasRepoPrivilege(PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT, false);
}
@Test
public void testRegisterNamespaceWithPrivilege() throws Exception {
- modify(null, JCR_NAMESPACE_MANAGEMENT.toString(), true);
+ modify(null, PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT.toString(), true);
try {
Workspace testWsp = testSession.getWorkspace();
testWsp.getNamespaceRegistry().registerNamespace(getNewNamespacePrefix(testWsp), getNewNamespaceURI(testWsp));
} finally {
- modify(null, JCR_NAMESPACE_MANAGEMENT.toString(), false);
+ modify(null, PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT.toString(), false);
}
}
Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java?rev=1482617&r1=1482616&r2=1482617&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java Tue May 14 22:08:32 2013
@@ -17,16 +17,17 @@
package org.apache.jackrabbit.oak.jcr.security.authorization;
import javax.jcr.AccessDeniedException;
+import javax.jcr.ItemNotFoundException;
import javax.jcr.Node;
+import javax.jcr.PathNotFoundException;
import javax.jcr.Property;
import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlList;
import javax.jcr.security.Privilege;
import javax.jcr.version.Version;
import javax.jcr.version.VersionHistory;
import javax.jcr.version.VersionManager;
-import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
-import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.test.NotExecutableException;
import org.junit.Before;
import org.junit.Ignore;
@@ -35,7 +36,6 @@ import org.junit.Test;
/**
* Test access control evaluation for version operations.
*/
-@Ignore("OAK-168")
public class VersionManagementTest extends AbstractEvaluationTest {
private static final String SYSTEM = "/jcr:system";
@@ -81,7 +81,6 @@ public class VersionManagementTest exten
}
}
- @Ignore("OAK-168") // FIXME: waiting for basic version mgt
@Test
public void testAddMixVersionable2() throws Exception {
modify(path, REP_WRITE, true);
@@ -170,8 +169,9 @@ public class VersionManagementTest exten
Version v = n.checkin();
n.checkout();
+ testSession.refresh(false);
assertFalse(testAcMgr.hasPrivileges(n.getPath(), versionPrivileges));
- allow(SYSTEM, versionPrivileges);
+ AccessControlList acl = allow(SYSTEM, versionPrivileges);
try {
Node testNode = testSession.getNode(n.getPath());
@@ -182,13 +182,12 @@ public class VersionManagementTest exten
// success
} finally {
// revert privilege modification (manually remove the ACE added)
- JackrabbitAccessControlList systemAcl = AccessControlUtils.getAccessControlList(acMgr, SYSTEM);
- for (AccessControlEntry entry : systemAcl.getAccessControlEntries()) {
+ for (AccessControlEntry entry : acl.getAccessControlEntries()) {
if (entry.getPrincipal().equals(testUser.getPrincipal())) {
- systemAcl.removeAccessControlEntry(entry);
+ acl.removeAccessControlEntry(entry);
}
}
- acMgr.setPolicy(SYSTEM, systemAcl);
+ acMgr.setPolicy(SYSTEM, acl);
superuser.save();
}
}
@@ -196,18 +195,18 @@ public class VersionManagementTest exten
/**
* @since oak
*/
- @Ignore("OAK-168") // FIXME: waiting for basic version mgt
@Test
public void testAccessVersionContentWithoutStoreAccess() throws Exception {
Node n = createVersionableNode(superuser.getNode(path));
Version v = n.checkin();
- VersionHistory vh = v.getVersionHistory();
+ VersionHistory vh = n.getVersionHistory();
n.checkout();
Version v2 = n.checkin();
n.checkout();
+ testSession.refresh(false);
assertFalse(testAcMgr.hasPrivileges(n.getPath(), versionPrivileges));
- deny(SYSTEM, privilegesFromName(Privilege.JCR_READ));
+ AccessControlList acl = deny(SYSTEM, privilegesFromName(Privilege.JCR_READ));
try {
// version information must still be accessible
@@ -216,13 +215,12 @@ public class VersionManagementTest exten
assertTrue(testSession.nodeExists(vh.getPath()));
} finally {
- JackrabbitAccessControlList systemAcl = AccessControlUtils.getAccessControlList(acMgr, SYSTEM);
- for (AccessControlEntry entry : systemAcl.getAccessControlEntries()) {
+ for (AccessControlEntry entry : acl.getAccessControlEntries()) {
if (entry.getPrincipal().equals(testUser.getPrincipal())) {
- systemAcl.removeAccessControlEntry(entry);
+ acl.removeAccessControlEntry(entry);
}
}
- acMgr.setPolicy("/jcr:system", systemAcl);
+ acMgr.setPolicy(SYSTEM, acl);
superuser.save();
}
}
@@ -230,7 +228,6 @@ public class VersionManagementTest exten
/**
* @since oak (DIFF: jr required jcr:versionManagement privilege on the version store)
*/
- @Ignore("OAK-168") // FIXME: waiting for basic version mgt
@Test
public void testAccessVersionHistory() throws Exception {
Node n = createVersionableNode(superuser.getNode(path));
@@ -253,7 +250,6 @@ public class VersionManagementTest exten
/**
* @since oak (DIFF: jr required jcr:versionManagement privilege on the version store)
*/
- @Ignore("OAK-168") // FIXME: waiting for basic version mgt
@Test
public void testAccessVersionHistoryVersionableNodeNotAccessible() throws Exception {
Node n = createVersionableNode(superuser.getNode(path));
@@ -277,21 +273,21 @@ public class VersionManagementTest exten
try {
VersionHistory history = (VersionHistory) testSession.getNode(vhPath);
fail("Access to version history should be denied if versionable node is not accessible");
- } catch (AccessDeniedException e) {
+ } catch (PathNotFoundException e) {
// success
}
try {
VersionHistory history = (VersionHistory) testSession.getNodeByIdentifier(vhUUID);
fail("Access to version history should be denied if versionable node is not accessible");
- } catch (AccessDeniedException e) {
+ } catch (ItemNotFoundException e) {
// success
}
try {
VersionHistory history = (VersionHistory) testSession.getNodeByUUID(vhUUID);
fail("Access to version history should be denied if versionable node is not accessible");
- } catch (AccessDeniedException e) {
+ } catch (ItemNotFoundException e) {
// success
}
}