You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2016/04/18 15:45:35 UTC
svn commit: r1739760 - in
/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external:
ExternalLoginModuleTest.java ExternalLoginModuleTestBase.java
impl/DefaultSyncHandlerTest.java
Author: angela
Date: Mon Apr 18 13:45:35 2016
New Revision: 1739760
URL: http://svn.apache.org/viewvc?rev=1739760&view=rev
Log:
OAK-4219 : ExternalLoginModuleTestBase doesn't remove synced User/Group accounts
OAK-4221 Move duplicate constants to ExternalLoginModuleTestBase
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTest.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java
Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTest.java?rev=1739760&r1=1739759&r2=1739760&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTest.java Mon Apr 18 13:45:35 2016
@@ -43,12 +43,6 @@ public class ExternalLoginModuleTest ext
protected final HashMap<String, Object> options = new HashMap<String, Object>();
- private final String userId = "testUser";
-
- private final static String TEST_CONSTANT_PROPERTY_NAME = "profile/constantProperty";
-
- private final static String TEST_CONSTANT_PROPERTY_VALUE = "constant-value";
-
@Before
public void before() throws Exception {
super.before();
@@ -78,7 +72,7 @@ public class ExternalLoginModuleTest ext
} catch (LoginException e) {
// success
} finally {
- assertNull(userManager.getAuthorizable(userId));
+ assertNull(userManager.getAuthorizable(USER_ID));
}
}
@@ -87,15 +81,15 @@ public class ExternalLoginModuleTest ext
UserManager userManager = getUserManager(root);
ContentSession cs = null;
try {
- assertNull(userManager.getAuthorizable(userId));
+ assertNull(userManager.getAuthorizable(USER_ID));
- cs = login(new SimpleCredentials(userId, new char[0]));
+ cs = login(new SimpleCredentials(USER_ID, new char[0]));
root.refresh();
- Authorizable a = userManager.getAuthorizable(userId);
+ Authorizable a = userManager.getAuthorizable(USER_ID);
assertNotNull(a);
- ExternalUser user = idp.getUser(userId);
+ ExternalUser user = idp.getUser(USER_ID);
for (String prop : user.getProperties().keySet()) {
assertTrue(a.hasProperty(prop));
}
@@ -113,15 +107,15 @@ public class ExternalLoginModuleTest ext
UserManager userManager = getUserManager(root);
ContentSession cs = null;
try {
- assertNull(userManager.getAuthorizable(userId));
+ assertNull(userManager.getAuthorizable(USER_ID));
- cs = login(new SimpleCredentials(userId.toUpperCase(), new char[0]));
+ cs = login(new SimpleCredentials(USER_ID.toUpperCase(), new char[0]));
root.refresh();
- Authorizable a = userManager.getAuthorizable(userId);
+ Authorizable a = userManager.getAuthorizable(USER_ID);
assertNotNull(a);
- ExternalUser user = idp.getUser(userId);
+ ExternalUser user = idp.getUser(USER_ID);
for (String prop : user.getProperties().keySet()) {
assertTrue(a.hasProperty(prop));
}
@@ -139,7 +133,7 @@ public class ExternalLoginModuleTest ext
UserManager userManager = getUserManager(root);
ContentSession cs = null;
try {
- cs = login(new SimpleCredentials(userId, new char[0]));
+ cs = login(new SimpleCredentials(USER_ID, new char[0]));
root.refresh();
for (String id : new String[]{"a", "b", "c"}) {
@@ -162,7 +156,7 @@ public class ExternalLoginModuleTest ext
UserManager userManager = getUserManager(root);
ContentSession cs = null;
try {
- cs = login(new SimpleCredentials(userId, new char[0]));
+ cs = login(new SimpleCredentials(USER_ID, new char[0]));
root.refresh();
for (String id : new String[]{"a", "b", "c", "aa", "aaa"}) {
@@ -180,18 +174,18 @@ public class ExternalLoginModuleTest ext
public void testSyncUpdate() throws Exception {
// create user upfront in order to test update mode
UserManager userManager = getUserManager(root);
- ExternalUser externalUser = idp.getUser(userId);
+ ExternalUser externalUser = idp.getUser(USER_ID);
Authorizable user = userManager.createUser(externalUser.getId(), null);
user.setProperty("rep:externalId", new ValueFactoryImpl(root, NamePathMapper.DEFAULT).createValue(externalUser.getExternalId().getString()));
root.commit();
ContentSession cs = null;
try {
- cs = login(new SimpleCredentials(userId, new char[0]));
+ cs = login(new SimpleCredentials(USER_ID, new char[0]));
root.refresh();
- Authorizable a = userManager.getAuthorizable(userId);
+ Authorizable a = userManager.getAuthorizable(USER_ID);
assertNotNull(a);
for (String prop : externalUser.getProperties().keySet()) {
assertTrue(a.hasProperty(prop));
Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java?rev=1739760&r1=1739759&r2=1739760&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java (original)
+++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTestBase.java Mon Apr 18 13:45:35 2016
@@ -19,14 +19,20 @@ package org.apache.jackrabbit.oak.spi.se
import java.util.Collections;
import java.util.HashMap;
-import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+import javax.jcr.RepositoryException;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
+import com.google.common.base.Function;
+import com.google.common.base.Predicates;
+import com.google.common.collect.Iterators;
+import com.google.common.collect.Sets;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
@@ -43,11 +49,15 @@ import org.junit.After;
import org.junit.Before;
/**
- * ExternalLoginModuleTest...
+ * Abstract base test for external-authentication tests.
*/
public abstract class ExternalLoginModuleTestBase extends AbstractSecurityTest {
- private Set<String> ids = new HashSet<String>();
+ protected static final String USER_ID = TestIdentityProvider.ID_TEST_USER;
+ protected static final String TEST_CONSTANT_PROPERTY_NAME = "profile/constantProperty";
+ protected static final String TEST_CONSTANT_PROPERTY_VALUE = "constant-value";
+
+ private Set<String> ids;
private Registration testIdpReg;
@@ -68,11 +78,7 @@ public abstract class ExternalLoginModul
@Before
public void before() throws Exception {
super.before();
- UserManager userManager = getUserManager(root);
- Iterator<Authorizable> iter = userManager.findAuthorizables("jcr:primaryType", null);
- while (iter.hasNext()) {
- ids.add(iter.next().getID());
- }
+ ids = Sets.newHashSet(getAllAuthorizableIds(getUserManager(root)));
idp = createIDP();
testIdpReg = whiteboard.register(ExternalIdentityProvider.class, idp, Collections.<String, Object>emptyMap());
@@ -87,7 +93,7 @@ public abstract class ExternalLoginModul
mapping.put("email", "email");
mapping.put("profile/name", "profile/name");
mapping.put("profile/age", "profile/age");
- mapping.put("profile/constantProperty", "\"constant-value\"");
+ mapping.put(TEST_CONSTANT_PROPERTY_NAME, "\"" + TEST_CONSTANT_PROPERTY_VALUE + "\"");
syncConfig.user().setPropertyMapping(mapping);
syncConfig.user().setMembershipNestingDepth(1);
setSyncConfig(syncConfig);
@@ -104,15 +110,18 @@ public abstract class ExternalLoginModul
setSyncConfig(null);
try {
+ // discard any pending changes
+ root.refresh();
+
UserManager userManager = getUserManager(root);
- Iterator<Authorizable> iter = userManager.findAuthorizables("jcr:primaryType", null);
+ Iterator<String> iter = getAllAuthorizableIds(userManager);
while (iter.hasNext()) {
- ids.remove(iter.next().getID());
- }
- for (String id : ids) {
- Authorizable a = userManager.getAuthorizable(id);
- if (a != null) {
- a.remove();
+ String id = iter.next();
+ if (!ids.remove(id)) {
+ Authorizable a = userManager.getAuthorizable(id);
+ if (a != null) {
+ a.remove();
+ }
}
}
root.commit();
@@ -122,6 +131,24 @@ public abstract class ExternalLoginModul
}
}
+ private static Iterator<String> getAllAuthorizableIds(@Nonnull UserManager userManager) throws Exception {
+ Iterator<Authorizable> iter = userManager.findAuthorizables("jcr:primaryType", null);
+ return Iterators.filter(Iterators.transform(iter, new Function<Authorizable, String>() {
+ @Nullable
+ @Override
+ public String apply(Authorizable input) {
+ try {
+ if (input != null) {
+ return input.getID();
+ }
+ } catch (RepositoryException e) {
+ // failed to retrieve ID
+ }
+ return null;
+ }
+ }), Predicates.notNull());
+ }
+
@Override
protected Oak withEditors(Oak oak) {
super.withEditors(oak);
@@ -141,7 +168,7 @@ public abstract class ExternalLoginModul
protected abstract void destroyIDP(ExternalIdentityProvider idp);
protected SynchronizationMBean createMBean() {
- // todo: how to retrieve JCR repository here? maybe we should base the sync mbean on oak directly.
+ // todo: how to retrieve JCR repository here? maybe we should base the sync mbean on oak directly (=> OAK-4218).
// JackrabbitRepository repository = null;
// return new SyncMBeanImpl(repository, syncManager, "default", idpManager, idp.getName());
Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java?rev=1739760&r1=1739759&r2=1739760&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java (original)
+++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java Mon Apr 18 13:45:35 2016
@@ -56,8 +56,6 @@ import static org.junit.Assert.assertTru
*/
public class DefaultSyncHandlerTest extends ExternalLoginModuleTestBase {
- private String userId = TestIdentityProvider.ID_TEST_USER;
-
private UserManager userManager;
private DefaultSyncHandler syncHandler;
@@ -129,13 +127,13 @@ public class DefaultSyncHandlerTest exte
@Test
public void testFindExternalIdentity() throws Exception {
- login(new SimpleCredentials(userId, new char[0])).close();
+ login(new SimpleCredentials(USER_ID, new char[0])).close();
root.refresh();
- SyncedIdentity id = syncHandler.findIdentity(userManager, userId);
+ SyncedIdentity id = syncHandler.findIdentity(userManager, USER_ID);
assertNotNull("known authorizable should exist", id);
assertEquals("external user should have correct external ref.idp", idp.getName(), id.getExternalIdRef().getProviderName());
- assertEquals("external user should have correct external ref.id", userId, id.getExternalIdRef().getId());
+ assertEquals("external user should have correct external ref.id", USER_ID, id.getExternalIdRef().getId());
}
@Test
@@ -153,23 +151,23 @@ public class DefaultSyncHandlerTest exte
@Test
public void testFindIdentityWithRemovedExternalId() throws Exception {
- sync(userId, false);
+ sync(USER_ID, false);
// NOTE: this is only possible as long the rep:externalId property is not protected
- Authorizable authorizable = userManager.getAuthorizable(userId);
+ Authorizable authorizable = userManager.getAuthorizable(USER_ID);
authorizable.removeProperty(DefaultSyncContext.REP_EXTERNAL_ID);
root.commit();
- SyncedIdentity si = syncHandler.findIdentity(userManager, userId);
+ SyncedIdentity si = syncHandler.findIdentity(userManager, USER_ID);
assertNull(si.getExternalIdRef());
}
@Test
public void testRequiresSyncAfterCreate() throws Exception {
- login(new SimpleCredentials(userId, new char[0])).close();
+ login(new SimpleCredentials(USER_ID, new char[0])).close();
root.refresh();
- SyncedIdentity id = syncHandler.findIdentity(userManager, userId);
+ SyncedIdentity id = syncHandler.findIdentity(userManager, USER_ID);
assertNotNull("Known authorizable should exist", id);
assertFalse("Freshly synced id should not require sync", syncHandler.requiresSync(id));
@@ -177,18 +175,18 @@ public class DefaultSyncHandlerTest exte
@Test
public void testRequiresSyncExpiredSyncProperty() throws Exception {
- login(new SimpleCredentials(userId, new char[0])).close();
+ login(new SimpleCredentials(USER_ID, new char[0])).close();
root.refresh();
final Calendar nowCal = Calendar.getInstance();
nowCal.setTimeInMillis(nowCal.getTimeInMillis() - 1000);
Value nowValue = getValueFactory().createValue(nowCal);
- Authorizable a = userManager.getAuthorizable(userId);
+ Authorizable a = userManager.getAuthorizable(USER_ID);
a.setProperty(DefaultSyncContext.REP_LAST_SYNCED, nowValue);
root.commit();
- SyncedIdentity id = syncHandler.findIdentity(userManager, userId);
+ SyncedIdentity id = syncHandler.findIdentity(userManager, USER_ID);
assertNotNull("known authorizable should exist", id);
assertTrue("synced id should require sync", syncHandler.requiresSync(id));
@@ -196,25 +194,25 @@ public class DefaultSyncHandlerTest exte
@Test
public void testRequiresSyncMissingSyncProperty() throws Exception {
- sync(userId, false);
+ sync(USER_ID, false);
- Authorizable a = userManager.getAuthorizable(userId);
+ Authorizable a = userManager.getAuthorizable(USER_ID);
a.removeProperty(DefaultSyncContext.REP_LAST_SYNCED);
root.commit();
- SyncedIdentity si = syncHandler.findIdentity(userManager, userId);
+ SyncedIdentity si = syncHandler.findIdentity(userManager, USER_ID);
assertNotNull(si);
assertTrue(syncHandler.requiresSync(si));
}
@Test
public void testRequiresSyncMissingExternalIDRef() throws Exception {
- assertTrue(syncHandler.requiresSync(new DefaultSyncedIdentity(userId, null, false, Long.MAX_VALUE)));
+ assertTrue(syncHandler.requiresSync(new DefaultSyncedIdentity(USER_ID, null, false, Long.MAX_VALUE)));
}
@Test
public void testRequiresSyncNotYetSynced() throws Exception {
- assertTrue(syncHandler.requiresSync(new DefaultSyncedIdentity(userId, idp.getUser(userId).getExternalId(), false, Long.MIN_VALUE)));
+ assertTrue(syncHandler.requiresSync(new DefaultSyncedIdentity(USER_ID, idp.getUser(USER_ID).getExternalId(), false, Long.MIN_VALUE)));
}
@Test
@@ -238,11 +236,11 @@ public class DefaultSyncHandlerTest exte
@Test
public void testListIdentitiesAfterSync() throws Exception {
- sync(userId, false);
+ sync(USER_ID, false);
- // membership-nesting is 1 => expect only 'userId' plus the declared group-membership
- Set<String> expected = Sets.newHashSet(userId);
- for (ExternalIdentityRef extRef : idp.getUser(userId).getDeclaredGroups()) {
+ // membership-nesting is 1 => expect only 'USER_ID' plus the declared group-membership
+ Set<String> expected = Sets.newHashSet(USER_ID);
+ for (ExternalIdentityRef extRef : idp.getUser(USER_ID).getDeclaredGroups()) {
expected.add(extRef.getId());
}