You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ba...@apache.org on 2013/03/08 21:49:44 UTC
svn commit: r1454544 [1/2] - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/
oak-it/osgi/src/test/config/ oak-jcr/
oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/
oak-jcr/src/main/java/org/apache/jackrabbi...
Author: baedke
Date: Fri Mar 8 20:49:43 2013
New Revision: 1454544
URL: http://svn.apache.org/r1454544
Log:
OAK-414,OAK-127: enabled import of proected items, some bug fixes
Added:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java (with props)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java (with props)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
jackrabbit/oak/trunk/oak-it/osgi/src/test/config/org.apache.jackrabbit.mk.osgi.MicroKernelService.cfg
jackrabbit/oak/trunk/oak-jcr/pom.xml
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionDelegate.java (contents, props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionImpl.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/BufferedStringValue.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/DocViewImportHandler.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/ImportHandler.java (contents, props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/Importer.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SessionImporter.java (contents, props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/StringValue.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SysViewImportHandler.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/TargetImportHandler.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AbstractUserTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AdministratorTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizablePropertyTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizableTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/CreateGroupTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/CreateUserTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/NestedGroupTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserManagerTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java (props changed)
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserTest.java (contents, props changed)
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java Fri Mar 8 20:49:43 2013
@@ -66,7 +66,9 @@ abstract class AuthorizableImpl implemen
} else {
String msg = "Authorizable without principal name " + id;
log.warn(msg);
- throw new RepositoryException(msg);
+ //FIXME OAK-414 UserImport needs this workaround
+ //throw new RepositoryException(msg);
+ principalName = id;
}
}
Modified: jackrabbit/oak/trunk/oak-it/osgi/src/test/config/org.apache.jackrabbit.mk.osgi.MicroKernelService.cfg
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-it/osgi/src/test/config/org.apache.jackrabbit.mk.osgi.MicroKernelService.cfg?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-it/osgi/src/test/config/org.apache.jackrabbit.mk.osgi.MicroKernelService.cfg (original)
+++ jackrabbit/oak/trunk/oak-it/osgi/src/test/config/org.apache.jackrabbit.mk.osgi.MicroKernelService.cfg Fri Mar 8 20:49:43 2013
@@ -1,15 +1,15 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-name="Oak"
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+name="Oak"
Modified: jackrabbit/oak/trunk/oak-jcr/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/pom.xml?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-jcr/pom.xml Fri Mar 8 20:49:43 2013
@@ -246,7 +246,9 @@
org.apache.jackrabbit.test.api.observation.AddEventListenerTest#testUUID
org.apache.jackrabbit.test.api.observation.LockingTest#testAddLockToNode
org.apache.jackrabbit.test.api.observation.LockingTest#testRemoveLockFromNode
- org.apache.jackrabbit.oak.jcr.security.user.GroupTest#testCyclicGroups2 <!-- OAK-615 -->
+ org.apache.jackrabbit.oak.jcr.security.user.GroupTest#testCyclicGroups2 <!-- OAK-615 -->
+ org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlImporterTest#testImportACLRemoveACE <!-- OAK-414 -->
+ org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlImporterTest#testImportACLUnknown <!-- OAK-414 -->
org.apache.jackrabbit.oak.jcr.version.VersionHistoryTest#testGetVersionHistoryFromNode <!-- OAK-601 -->
org.apache.jackrabbit.oak.jcr.version.VersionHistoryTest#testGetVersionHistory <!-- OAK-602 -->
org.apache.jackrabbit.oak.jcr.version.VersionHistoryTest#testGetVersionHistoryAfterMove <!-- OAK-602 -->
Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionDelegate.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionDelegate.java?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionDelegate.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionDelegate.java Fri Mar 8 20:49:43 2013
@@ -19,7 +19,6 @@ package org.apache.jackrabbit.oak.jcr;
import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
-
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.jcr.ItemExistsException;
@@ -58,7 +57,9 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.plugins.observation.ObservationManagerImpl;
import org.apache.jackrabbit.oak.plugins.value.ValueFactoryImpl;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
import org.apache.jackrabbit.oak.spi.security.authorization.PermissionProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -86,6 +87,8 @@ public class SessionDelegate {
private UserManager userManager;
private PrivilegeManager privilegeManager;
private AccessControlManager accessControlManager;
+ private UserConfiguration userConfiguration;
+ private AccessControlConfiguration accessControlConfiguration;
private boolean isAlive = true;
private int sessionOpCount;
private int revision;
@@ -532,6 +535,22 @@ public class SessionDelegate {
}
@Nonnull
+ UserConfiguration getUserConfiguration() throws UnsupportedRepositoryOperationException {
+ if (userConfiguration == null) {
+ userConfiguration = securityProvider.getUserConfiguration();
+ }
+ return userConfiguration;
+ }
+
+ @Nonnull
+ AccessControlConfiguration getAccessControlConfiguration() throws UnsupportedRepositoryOperationException {
+ if (accessControlConfiguration == null) {
+ accessControlConfiguration = securityProvider.getAccessControlConfiguration();
+ }
+ return accessControlConfiguration;
+ }
+
+ @Nonnull
EffectiveNodeTypeProvider getEffectiveNodeTypeProvider() throws RepositoryException {
return (EffectiveNodeTypeProvider) workspace.getNodeTypeManager();
}
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionDelegate.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionImpl.java?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionImpl.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionImpl.java Fri Mar 8 20:49:43 2013
@@ -307,7 +307,8 @@ public class SessionImpl extends Abstrac
@Nonnull
public ContentHandler getImportContentHandler(
String parentAbsPath, int uuidBehavior) throws RepositoryException {
- return new ImportHandler(getNode(parentAbsPath), dlg.getRoot(), this, uuidBehavior);
+ return new ImportHandler(getNode(parentAbsPath), dlg.getRoot(), this,
+ dlg, dlg.getUserConfiguration(), dlg.getAccessControlConfiguration(), uuidBehavior);
}
/**
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/BufferedStringValue.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/DocViewImportHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/ImportHandler.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/ImportHandler.java?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/ImportHandler.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/ImportHandler.java Fri Mar 8 20:49:43 2013
@@ -25,7 +25,10 @@ import javax.jcr.ValueFactory;
import org.apache.jackrabbit.commons.NamespaceHelper;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.jcr.SessionDelegate;
import org.apache.jackrabbit.oak.plugins.name.NamespaceConstants;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.Attributes;
@@ -61,10 +64,13 @@ public class ImportHandler extends Defau
private TargetImportHandler targetHandler = null;
private final Map<String, String> tempPrefixMap = new HashMap<String, String>();
- public ImportHandler(Node importTargetNode, Root root, Session session, int uuidBehavior)
+ public ImportHandler(Node importTargetNode, Root root, Session session,
+ SessionDelegate dlg, UserConfiguration userConfig,
+ AccessControlConfiguration accessControlConfig,
+ int uuidBehavior)
throws RepositoryException {
this.helper = new NamespaceHelper(session);
- this.importer = new SessionImporter(importTargetNode, root, session, helper, uuidBehavior);
+ this.importer = new SessionImporter(importTargetNode, root, session, dlg, helper, userConfig, accessControlConfig, uuidBehavior);
this.valueFactory = session.getValueFactory();
}
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/ImportHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/Importer.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SessionImporter.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SessionImporter.java?rev=1454544&r1=1454543&r2=1454544&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SessionImporter.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SessionImporter.java Fri Mar 8 20:49:43 2013
@@ -19,7 +19,6 @@ package org.apache.jackrabbit.oak.jcr.xm
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
-import java.util.Map;
import java.util.Stack;
import javax.jcr.ImportUUIDBehavior;
import javax.jcr.ItemExistsException;
@@ -40,9 +39,10 @@ import javax.jcr.nodetype.PropertyDefini
import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.commons.NamespaceHelper;
import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.namepath.GlobalNameMapper;
-import org.apache.jackrabbit.oak.namepath.NamePathMapperImpl;
+import org.apache.jackrabbit.oak.jcr.SessionDelegate;
import org.apache.jackrabbit.oak.plugins.nodetype.EffectiveNodeTypeProvider;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.xml.NodeInfo;
import org.apache.jackrabbit.oak.spi.xml.PropInfo;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
@@ -75,7 +75,6 @@ public class SessionImporter implements
//TODO clarify how to provide ProtectedItemImporters
private final List<ProtectedItemImporter> pItemImporters = new ArrayList<ProtectedItemImporter>();
- private final List<ProtectedItemImporter> pItemImportersInitialized = new ArrayList<ProtectedItemImporter>();
/**
* Currently active importer for protected nodes.
@@ -84,45 +83,37 @@ public class SessionImporter implements
/**
* Creates a new <code>SessionImporter</code> instance.
- *
- * @param importTargetNode the target node
- * @param session session
- * @param uuidBehavior any of the constants declared by
- * {@link javax.jcr.ImportUUIDBehavior}
*/
public SessionImporter(Node importTargetNode,
Root root,
Session session,
+ SessionDelegate dlg,
NamespaceHelper helper,
- int uuidBehavior) {
+ UserConfiguration userConfig,
+ AccessControlConfiguration accessControlConfig,
+ int uuidBehavior) throws RepositoryException {
this.importTargetNode = importTargetNode;
this.session = session;
this.root = root;
this.namespaceHelper = helper;
this.uuidBehavior = uuidBehavior;
-
refTracker = new ReferenceChangeTracker();
parents = new Stack<Node>();
parents.push(importTargetNode);
- //TODO clarify how to provide correct NamePathMapper
- NamePathMapperImpl namePathMapper = new NamePathMapperImpl(new GlobalNameMapper() {
- @Override
- protected Map<String, String> getNamespaceMap() {
- try {
- return namespaceHelper.getNamespaces();
- } catch (RepositoryException e) {
- log.warn("could not read namespace mappings", e);
- return null;
- }
+ pItemImporters.clear();
+
+ //TODO clarify how to provide ProtectedItemImporters
+ for (ProtectedItemImporter importer : userConfig.getProtectedItemImporters()) {
+ if (importer.init(session, root, dlg.getNamePathMapper(), false, uuidBehavior, refTracker)) {
+ pItemImporters.add(importer);
}
- });
- pItemImportersInitialized.clear();
- for (ProtectedItemImporter importer : pItemImporters) {
- if (importer.init(session, root, namePathMapper, false, uuidBehavior, refTracker)) {
- pItemImportersInitialized.add(importer);
+ }
+ for (ProtectedItemImporter importer : accessControlConfig.getProtectedItemImporters()) {
+ if (importer.init(session, root, dlg.getNamePathMapper(), false, uuidBehavior, refTracker)) {
+ pItemImporters.add(importer);
}
}
}
@@ -140,7 +131,7 @@ public class SessionImporter implements
*/
protected void checkPermission(Node parent, String nodeName)
throws RepositoryException {
- //TODO clarify how to check permissions (is it necessary at all?)
+ //TODO clarify how to check permissions
// if (!session.getAccessControlManager().isGranted(session.getQPath(parent.getPath()), nodeName, Permissions.NODE_TYPE_MANAGEMENT)) {
// throw new AccessDeniedException("Insufficient permission.");
// }
@@ -149,13 +140,16 @@ public class SessionImporter implements
protected Node createNode(Node parent,
String nodeName,
String nodeTypeName,
- String[] mixinNames)
+ String[] mixinNames,
+ String uuid)
throws RepositoryException {
Node node;
-
// add node
node = parent.addNode(nodeName, nodeTypeName == null ? namespaceHelper.getJcrName(NamespaceRegistry.NAMESPACE_NT, "unstructured") : nodeTypeName);
+ if (uuid != null) {
+ root.getTree(node.getPath()).setProperty(NamespaceRegistry.PREFIX_JCR + ":uuid", uuid);
+ }
// add mixins
if (mixinNames != null) {
for (String mixinName : mixinNames) {
@@ -217,7 +211,7 @@ public class SessionImporter implements
// create new with new uuid
checkPermission(parent, nodeInfo.getName());
node = createNode(parent, nodeInfo.getName(),
- nodeInfo.getPrimaryTypeName(), nodeInfo.getMixinTypeNames());
+ nodeInfo.getPrimaryTypeName(), nodeInfo.getMixinTypeNames(), null);
// remember uuid mapping
if (node.isNodeType(JcrConstants.MIX_REFERENCEABLE)) {
refTracker.put(nodeInfo.getUUID(), node.getIdentifier());
@@ -247,7 +241,7 @@ public class SessionImporter implements
// create new with given uuid
checkPermission(parent, nodeInfo.getName());
node = createNode(parent, nodeInfo.getName(),
- nodeInfo.getPrimaryTypeName(), nodeInfo.getMixinTypeNames());
+ nodeInfo.getPrimaryTypeName(), nodeInfo.getMixinTypeNames(), nodeInfo.getUUID());
} else if (uuidBehavior == ImportUUIDBehavior.IMPORT_UUID_COLLISION_REPLACE_EXISTING) {
if (conflicting == null) {
// since the conflicting node can't be read,
@@ -270,7 +264,7 @@ public class SessionImporter implements
//TODO ordering! (what happened to replace?)
conflicting.remove();
node = createNode(parent, nodeInfo.getName(),
- nodeInfo.getPrimaryTypeName(), nodeInfo.getMixinTypeNames());
+ nodeInfo.getPrimaryTypeName(), nodeInfo.getMixinTypeNames(), nodeInfo.getUUID());
} else {
String msg = "unknown uuidBehavior: " + uuidBehavior;
log.debug(msg);
@@ -391,7 +385,7 @@ public class SessionImporter implements
if (id == null) {
// no potential uuid conflict, always add new node
checkPermission(parent, nodeName);
- node = createNode(parent, nodeName, ntName, mixins);
+ node = createNode(parent, nodeName, ntName, mixins, id);
} else {
// potential uuid conflict
boolean isConflicting;
@@ -419,7 +413,7 @@ public class SessionImporter implements
} else {
// create new with given uuid
checkPermission(parent, nodeName);
- node = createNode(parent, nodeName, ntName, mixins);
+ node = createNode(parent, nodeName, ntName, mixins, id);
}
}
}
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SessionImporter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/StringValue.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/SysViewImportHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/xml/TargetImportHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java?rev=1454544&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java (added)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java Fri Mar 8 20:49:43 2013
@@ -0,0 +1,580 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.jcr.security.authorization;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+import java.util.List;
+import javax.jcr.ImportUUIDBehavior;
+import javax.jcr.Node;
+import javax.jcr.RepositoryException;
+import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlList;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.AccessControlPolicy;
+import javax.jcr.security.AccessControlPolicyIterator;
+import javax.jcr.security.Privilege;
+
+import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
+import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
+import org.apache.jackrabbit.oak.jcr.SessionImpl;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.xml.sax.SAXException;
+
+public class AccessControlImporterTest extends AbstractJCRTest {
+
+ private static final String XML_POLICY_TREE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+ "<sv:node sv:name=\"test\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>nt:unstructured</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"jcr:mixinTypes\" sv:type=\"Name\">" +
+ "<sv:value>rep:AccessControllable</sv:value>" +
+ "<sv:value>mix:versionable</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"jcr:uuid\" sv:type=\"String\">" +
+ "<sv:value>0a0ca2e9-ab98-4433-a12b-d57283765207</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"jcr:baseVersion\" sv:type=\"Reference\">" +
+ "<sv:value>35d0d137-a3a4-4af3-8cdd-ce565ea6bdc9</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"jcr:isCheckedOut\" sv:type=\"Boolean\">" +
+ "<sv:value>true</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"jcr:predecessors\" sv:type=\"Reference\">" +
+ "<sv:value>35d0d137-a3a4-4af3-8cdd-ce565ea6bdc9</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"jcr:versionHistory\" sv:type=\"Reference\">" +
+ "<sv:value>428c9ef2-78e5-4f1c-95d3-16b4ce72d815</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"rep:policy\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:ACL</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"allow\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>everyone</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "</sv:node>" +
+ "</sv:node>";
+
+ private static final String XML_POLICY_TREE_2 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+ "<sv:node sv:name=\"rep:policy\" " +
+ "xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:ACL</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"allow\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>everyone</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "</sv:node>";
+
+ private static final String XML_POLICY_TREE_3 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+ "<sv:node sv:name=\"rep:policy\" " +
+ "xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:ACL</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"allow\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>everyone</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "<sv:node sv:name=\"allow0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>admin</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "</sv:node>";
+
+ private static final String XML_POLICY_TREE_4 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+ "<sv:node sv:name=\"rep:policy\" " +
+ "xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:ACL</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"allow\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>unknownprincipal</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "<sv:node sv:name=\"allow0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>admin</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "</sv:node>";
+
+ private static final String XML_POLICY_TREE_5 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+ "<sv:node sv:name=\"rep:policy\" " +
+ "xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:ACL</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"allow0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>admin</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:write</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "</sv:node>";
+
+ private static final String XML_REPO_POLICY_TREE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
+ "<sv:node sv:name=\"rep:repoPolicy\" " +
+ "xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:ACL</sv:value>" +
+ "</sv:property>" +
+ "<sv:node sv:name=\"allow\">" +
+ "<sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\">" +
+ "<sv:value>rep:GrantACE</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:principalName\" sv:type=\"String\">" +
+ "<sv:value>admin</sv:value>" +
+ "</sv:property>" +
+ "<sv:property sv:name=\"rep:privileges\" sv:type=\"Name\">" +
+ "<sv:value>jcr:workspaceManagement</sv:value>" +
+ "</sv:property>" +
+ "</sv:node>" +
+ "</sv:node>";
+
+ private static final String XML_AC_TREE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><sv:node sv:name=\"rep:security\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:crx=\"http://www.day.com/crx/1.0\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:repl=\"http://www.day.com/crx/replication/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:AccessControl</sv:value></sv:property><sv:node sv:name=\"rep:authorizables\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:AccessControl</sv:value></sv:property><sv:node sv:name=\"rep:groups\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:AccessControl</sv:value></sv:property><sv:node sv:
name=\"administrators\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:PrincipalAccessControl</sv:value></sv:property><sv:node sv:name=\"rep:policy\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:ACL</sv:value></sv:property><sv:node sv:name=\"entry\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:GrantACE</sv:value></sv:property><sv:property sv:name=\"rep:glob\" sv:type=\"String\"><sv:value>*</sv:value></sv:property><sv:property sv:name=\"rep:nodePath\" sv:type=\"Path\"><sv:value>/</sv:value></sv:property><sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>administrators</sv:value></sv:property><sv:property sv:name=\"rep:privileges\" sv:type=\"Name\"><sv:value>jcr:all</sv:value></sv:property></sv:node></sv:node></sv:node></sv:node><sv:node sv:name=\"rep:users\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:AccessControl</sv:value></sv:property><sv:node sv
:name=\"admin\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:AccessControl</sv:value></sv:property><sv:node sv:name=\"t\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:PrincipalAccessControl</sv:value></sv:property></sv:node><sv:node sv:name=\"a\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:PrincipalAccessControl</sv:value></sv:property></sv:node></sv:node><sv:node sv:name=\"anonymous\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:PrincipalAccessControl</sv:value></sv:property></sv:node></sv:node></sv:node></sv:node>";
+
+ private static final String XML_POLICY_ONLY = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><sv:node sv:name=\"test\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>nt:unstructured</sv:value></sv:property><sv:property sv:name=\"jcr:mixinTypes\" sv:type=\"Name\"><sv:value>rep:AccessControllable</sv:value><sv:value>mix:versionable</sv:value></sv:property><sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>0a0ca2e9-ab98-4433-a12b-d57283765207</sv:value></sv:property><sv:property sv:name=\"jcr:baseVersion\" sv:type=\"Reference\"><sv:value>35d0d137-a3a4-4af3-8cdd-ce565ea6bdc9</sv:value></sv:property>
<sv:property sv:name=\"jcr:isCheckedOut\" sv:type=\"Boolean\"><sv:value>true</sv:value></sv:property><sv:property sv:name=\"jcr:predecessors\" sv:type=\"Reference\"><sv:value>35d0d137-a3a4-4af3-8cdd-ce565ea6bdc9</sv:value></sv:property><sv:property sv:name=\"jcr:versionHistory\" sv:type=\"Reference\"><sv:value>428c9ef2-78e5-4f1c-95d3-16b4ce72d815</sv:value></sv:property><sv:node sv:name=\"rep:policy\"><sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:ACL</sv:value></sv:property></sv:node></sv:node>";
+
+ /**
+ * Imports a resource-based ACL containing a single entry.
+ *
+ * @throws Exception
+ */
+ public void testImportACL() throws Exception {
+ try {
+ Node target = testRootNode;
+ doImport(target.getPath(), XML_POLICY_TREE);
+
+ assertTrue(target.hasNode("test"));
+ String path = target.getNode("test").getPath();
+
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ AccessControlPolicy[] policies = acMgr.getPolicies(path);
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ assertEquals(1, entries.length);
+
+ AccessControlEntry entry = entries[0];
+ assertEquals("everyone", entry.getPrincipal().getName());
+ assertEquals(1, entry.getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ if(entry instanceof JackrabbitAccessControlEntry) {
+ assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
+ }
+
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Imports a resource-based ACL containing a single entry.
+ *
+ * @throws Exception
+ */
+ public void testImportACLOnly() throws Exception {
+ try {
+ Node target = testRootNode.addNode(nodeName1);
+ target.addMixin("rep:AccessControllable");
+
+ doImport(target.getPath(), XML_POLICY_TREE_3);
+
+ String path = target.getPath();
+
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ AccessControlPolicy[] policies = acMgr.getPolicies(path);
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ assertEquals(2, entries.length);
+
+ AccessControlEntry entry = entries[0];
+ assertEquals("everyone", entry.getPrincipal().getName());
+ assertEquals(1, entry.getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ entry = entries[1];
+ assertEquals("admin", entry.getPrincipal().getName());
+ assertEquals(1, entry.getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ if(entry instanceof JackrabbitAccessControlEntry) {
+ assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
+ }
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Imports a resource-based ACL containing a single entry.
+ *
+ * @throws Exception
+ */
+ public void testImportACLRemoveACE() throws Exception {
+ try {
+ Node target = testRootNode.addNode(nodeName1);
+ target.addMixin("rep:AccessControllable");
+
+ doImport(target.getPath(), XML_POLICY_TREE_3);
+ doImport(target.getPath(), XML_POLICY_TREE_5);
+
+ String path = target.getPath();
+
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ AccessControlPolicy[] policies = acMgr.getPolicies(path);
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ //FIXME assert fails
+ assertEquals(1, entries.length);
+
+ AccessControlEntry entry = entries[0];
+ assertEquals("admin", entry.getPrincipal().getName());
+ assertEquals(1, entry.getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ if(entry instanceof JackrabbitAccessControlEntry) {
+ assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
+ }
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Imports a resource-based ACL containing a single entry.
+ *
+ * @throws Exception
+ */
+ public void testImportACLUnknown() throws Exception {
+ try {
+ Node target = testRootNode.addNode(nodeName1);
+ target.addMixin("rep:AccessControllable");
+
+ //FIXME import fails
+ doImport(target.getPath(), XML_POLICY_TREE_4);
+
+ String path = target.getPath();
+
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ AccessControlPolicy[] policies = acMgr.getPolicies(path);
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ assertEquals(2, entries.length);
+
+ AccessControlEntry entry = entries[0];
+ assertEquals("unknownprincipal", entry.getPrincipal().getName());
+ assertEquals(1, entry.getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ entry = entries[1];
+ assertEquals("admin", entry.getPrincipal().getName());
+ assertEquals(1, entry.getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ if(entry instanceof JackrabbitAccessControlEntry) {
+ assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
+ }
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Imports a resource-based ACL containing a single entry for a policy that
+ * already exists.
+ *
+ * @throws Exception
+ */
+ public void testImportPolicyExists() throws Exception {
+ // this test does not work anymore, since the normal behavior is replace
+ // all ACEs for an import. maybe control this behavior via uuid-flag.
+ if (true) {
+ return;
+ }
+
+ Node target = testRootNode;
+ target = target.addNode("test", "test:sameNameSibsFalseChildNodeDefinition");
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ for (AccessControlPolicyIterator it = acMgr.getApplicablePolicies(target.getPath()); it.hasNext();) {
+ AccessControlPolicy policy = it.nextAccessControlPolicy();
+ if (policy instanceof AccessControlList) {
+ Privilege[] privs = new Privilege[] {acMgr.privilegeFromName(Privilege.JCR_LOCK_MANAGEMENT)};
+ ((AccessControlList) policy).addAccessControlEntry(((SessionImpl)superuser).getPrincipalManager().getEveryone(), privs);
+ acMgr.setPolicy(target.getPath(), policy);
+ }
+ }
+
+ try {
+
+ doImport(target.getPath(), XML_POLICY_TREE_2);
+
+ AccessControlPolicy[] policies = acMgr.getPolicies(target.getPath());
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ assertEquals(1, entries.length);
+
+ AccessControlEntry entry = entries[0];
+ assertEquals("everyone", entry.getPrincipal().getName());
+ List<Privilege> privs = Arrays.asList(entry.getPrivileges());
+ assertEquals(2, privs.size());
+ assertTrue(privs.contains(acMgr.privilegeFromName(Privilege.JCR_WRITE)) &&
+ privs.contains(acMgr.privilegeFromName(Privilege.JCR_LOCK_MANAGEMENT)));
+
+ assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
+
+ if(entry instanceof JackrabbitAccessControlEntry) {
+ assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
+ }
+
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Imports an empty resource-based ACL for a policy that already exists.
+ *
+ * @throws Exception
+ */
+ public void testImportEmptyExistingPolicy() throws Exception {
+ Node target = testRootNode;
+ target = target.addNode("test", "test:sameNameSibsFalseChildNodeDefinition");
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ for (AccessControlPolicyIterator it = acMgr.getApplicablePolicies(target.getPath()); it.hasNext();) {
+ AccessControlPolicy policy = it.nextAccessControlPolicy();
+ if (policy instanceof AccessControlList) {
+ acMgr.setPolicy(target.getPath(), policy);
+ }
+ }
+
+ try {
+ doImport(target.getPath(), XML_POLICY_ONLY);
+
+ AccessControlPolicy[] policies = acMgr.getPolicies(target.getPath());
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ assertEquals(0, entries.length);
+
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Repo level acl must be imported underneath the root node.
+ *
+ * @throws Exception
+ */
+ public void testImportRepoACLAtRoot() throws Exception {
+ Node target = superuser.getRootNode();
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ try {
+ // need to add mixin. in contrast to only using JCR API to retrieve
+ // and set the policies the protected item import only is called if
+ // the node to be imported is defined to be protected. however, if
+ // the root node doesn't have the mixin assigned the defining node
+ // type of the imported policy nodes will be rep:root (unstructured)
+ // and the items will not be detected as being protected.
+ target.addMixin("rep:RepoAccessControllable");
+
+ doImport(target.getPath(), XML_REPO_POLICY_TREE);
+
+ AccessControlPolicy[] policies = acMgr.getPolicies(null);
+
+ assertEquals(1, policies.length);
+ assertTrue(policies[0] instanceof JackrabbitAccessControlList);
+
+ AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
+ assertEquals(1, entries.length);
+ assertEquals(1, entries[0].getPrivileges().length);
+ assertEquals(acMgr.privilegeFromName("jcr:workspaceManagement"), entries[0].getPrivileges()[0]);
+
+ assertTrue(target.hasNode("rep:repoPolicy"));
+ assertTrue(target.hasNode("rep:repoPolicy/allow"));
+
+ // clean up again
+ acMgr.removePolicy(null, policies[0]);
+ assertFalse(target.hasNode("rep:repoPolicy"));
+ assertFalse(target.hasNode("rep:repoPolicy/allow"));
+
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Make sure repo-level acl is not imported below any other node than the
+ * root node.
+ *
+ * @throws Exception
+ */
+ public void testImportRepoACLAtTestNode() throws Exception {
+ Node target = testRootNode.addNode("test");
+ target.addMixin("rep:RepoAccessControllable");
+
+ AccessControlManager acMgr = superuser.getAccessControlManager();
+ try {
+ doImport(target.getPath(), XML_REPO_POLICY_TREE);
+
+ AccessControlPolicy[] policies = acMgr.getPolicies(null);
+ assertEquals(0, policies.length);
+
+ assertTrue(target.hasNode("rep:repoPolicy"));
+ assertFalse(target.hasNode("rep:repoPolicy/allow0"));
+
+ Node n = target.getNode("rep:repoPolicy");
+ assertEquals("rep:RepoAccessControllable", n.getDefinition().getDeclaringNodeType().getName());
+ } finally {
+ superuser.refresh(false);
+ }
+ }
+
+ /**
+ * Imports a principal-based ACL containing a single entry mist fail with
+ * the default configuration.
+ *
+ * @throws Exception
+ */
+ public void testImportPrincipalBasedACL() throws Exception {
+// JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) superuser.getAccessControlManager();
+// if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 ||
+// acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
+// // test expects that only resource-based acl is supported
+// throw new NotExecutableException();
+// }
+//
+// PrincipalManager pmgr = sImpl.getPrincipalManager();
+// if (!pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
+// UserManager umgr = sImpl.getUserManager();
+// umgr.createGroup(new PrincipalImpl(SecurityConstants.ADMINISTRATORS_NAME));
+// if (!umgr.isAutoSave()) {
+// sImpl.save();
+// }
+// if (pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
+// throw new NotExecutableException();
+// }
+// }
+//
+//
+// NodeImpl target;
+// NodeImpl root = (NodeImpl) sImpl.getRootNode();
+// if (!root.hasNode(AccessControlConstants.N_ACCESSCONTROL)) {
+// target = root.addNode(AccessControlConstants.N_ACCESSCONTROL, AccessControlConstants.NT_REP_ACCESS_CONTROL, null);
+// } else {
+// target = root.getNode(AccessControlConstants.N_ACCESSCONTROL);
+// if (!target.isNodeType(AccessControlConstants.NT_REP_ACCESS_CONTROL)) {
+// target.setPrimaryType(sImpl.getJCRName(AccessControlConstants.NT_REP_ACCESS_CONTROL));
+// }
+// }
+// try {
+//
+// InputStream in = new ByteArrayInputStream(XML_AC_TREE.getBytes("UTF-8"));
+//
+// SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
+// ImportHandler ih = new ImportHandler(importer, sImpl);
+// new ParsingContentHandler(ih).parse(in);
+//
+// fail("Default config only allows resource-based ACL -> protected import must fail");
+//
+// } catch (SAXException e) {
+// if (e.getException() instanceof ConstraintViolationException) {
+// // success
+// } else {
+// throw e;
+// }
+// } finally {
+// superuser.refresh(false);
+// }
+ }
+
+ private void doImport(String parentPath, String xml) throws IOException, SAXException, RepositoryException {
+ InputStream in = new ByteArrayInputStream(xml.getBytes("UTF-8"));
+ superuser.importXML(parentPath, in, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW);
+ }
+}
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlImporterTest.java
------------------------------------------------------------------------------
svn:executable = *
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/JackrabbitAccessControlListTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/VersionManagementTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AbstractUserTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AdministratorTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizablePropertyTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AuthorizableTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/CreateGroupTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/CreateUserTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ImpersonationTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/NestedGroupTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java?rev=1454544&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java (added)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java Fri Mar 8 20:49:43 2013
@@ -0,0 +1,149 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.jcr.security.user;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import javax.jcr.ImportUUIDBehavior;
+import javax.jcr.Node;
+import javax.jcr.RepositoryException;
+
+import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.junit.Test;
+import org.xml.sax.SAXException;
+
+/**
+ * UserImportTest...
+ */
+public class UserImportTest extends AbstractUserTest {
+
+ private static final String USERPATH = "/rep:security/rep:authorizables/rep:users";
+ private static final String GROUPPATH = "/rep:security/rep:authorizables/rep:groups";
+
+ @Override
+ protected void setUp() throws Exception {
+ super.setUp();
+ // avoid collision with testing a-folders that may have been created
+ // with another test (but not removed as user/groups got removed)
+ String path = USERPATH + "/t";
+ if (superuser.nodeExists(path)) {
+ superuser.getNode(path).remove();
+ }
+ path = GROUPPATH + "/g";
+ if (superuser.nodeExists(path)) {
+ superuser.getNode(path).remove();
+ }
+ superuser.save();
+ }
+
+ @Override
+ protected void tearDown() throws Exception {
+ //TODO
+ try {
+ super.tearDown();
+ } catch (Exception ignore) {}
+ }
+
+ @Test
+ public void testImportUser() throws RepositoryException, IOException, SAXException {
+ String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+ "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" +
+ " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" +
+ " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" +
+ " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" +
+ " <sv:property sv:name=\"rep:disabled\" sv:type=\"String\"><sv:value>disabledUser</sv:value></sv:property>" +
+ "</sv:node>";
+
+ Node parent = superuser.getNode(USERPATH);
+ try {
+ doImport(USERPATH, xml);
+
+ Authorizable newUser = userMgr.getAuthorizable("t");
+ assertNotNull(newUser);
+ assertFalse(newUser.isGroup());
+ assertEquals("t", newUser.getPrincipal().getName());
+ assertEquals("t", newUser.getID());
+ assertTrue(((User) newUser).isDisabled());
+ assertEquals("disabledUser", ((User) newUser).getDisabledReason());
+
+ Node n = superuser.getNode(newUser.getPath());
+ assertTrue(n.isNew());
+ assertTrue(n.getParent().isSame(parent));
+
+ assertEquals("t", n.getName());
+ assertEquals("t", n.getProperty(UserConstants.REP_PRINCIPAL_NAME).getString());
+ assertEquals("{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375", n.getProperty(UserConstants.REP_PASSWORD).getString());
+ assertEquals("disabledUser", n.getProperty(UserConstants.REP_DISABLED).getString());
+
+ // saving changes of the import -> must succeed. add mandatory
+ // props should have been created.
+ superuser.save();
+
+ } finally {
+ if (parent.hasNode("t")) {
+ parent.getNode("t").remove();
+ superuser.save();
+ }
+ }
+ }
+
+ public void testImportGroup() throws RepositoryException, IOException, SAXException {
+ String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+ "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" +
+ " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" +
+ " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" +
+ " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>g</sv:value></sv:property>" +
+ "</sv:node>";
+
+ Node parent = superuser.getNode(GROUPPATH);
+ try {
+ doImport(GROUPPATH, xml);
+
+ Authorizable newGroup = userMgr.getAuthorizable("g");
+ assertNotNull(newGroup);
+ assertTrue(newGroup.isGroup());
+ assertEquals("g", newGroup.getPrincipal().getName());
+ assertEquals("g", newGroup.getID());
+
+ Node n = superuser.getNode(newGroup.getPath());
+ assertTrue(n.isNew());
+ assertTrue(n.getParent().isSame(parent));
+
+ assertEquals("g", n.getName());
+ assertEquals("g", n.getProperty(UserConstants.REP_PRINCIPAL_NAME).getString());
+
+ // saving changes of the import -> must succeed. add mandatory
+ // props should have been created.
+ superuser.save();
+
+ } finally {
+ if (parent.hasNode("g")) {
+ parent.getNode("g").remove();
+ superuser.save();
+ }
+ }
+ }
+
+ private void doImport(String parentPath, String xml) throws IOException, SAXException, RepositoryException {
+ InputStream in = new ByteArrayInputStream(xml.getBytes("UTF-8"));
+ superuser.importXML(parentPath, in, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW);
+ }
+}
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
------------------------------------------------------------------------------
svn:executable = *
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserManagerTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
------------------------------------------------------------------------------
svn:eol-style = native