Author: reto
Date: Thu Jul 15 13:40:24 2010
New Revision: 964423
URL: http://svn.apache.org/viewvc?rev=964423&view=rev
Log:
CLEREZZA-253: added test and fixed bugs
Modified:
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/main/java/org/apache/clerezza/rdf/core/access/security/TcAccessController.java
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/test/java/org/apache/clerezza/rdf/core/access/SecurityTest.java
Modified:
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/main/java/org/apache/clerezza/rdf/core/access/security/TcAccessController.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/main/java/org/apache/clerezza/rdf/core/access/security/TcAccessController.java?rev=964423&r1=964422&r2=964423&view=diff
==============================================================================
---
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/main/java/org/apache/clerezza/rdf/core/access/security/TcAccessController.java
(original)
+++
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/main/java/org/apache/clerezza/rdf/core/access/security/TcAccessController.java
Thu Jul 15 13:40:24 2010
@@ -117,7 +117,7 @@ public class TcAccessController {
public void setRequiredReadPermissions(UriRef tripleCollectionUri,
Collection<String> permissionDescriptions) {
permissionCache.remove(tripleCollectionUri);
- final LockableMGraph permissionMGraph =
tcManager.getMGraph(permissionGraphName);
+ final LockableMGraph permissionMGraph =
getOrCreatePermisionGraph();
Lock l = permissionMGraph.getLock().writeLock();
l.lock();
try {
@@ -150,7 +150,7 @@ public class TcAccessController {
final BNode result = new BNode();
permissionMGraph.add(new TripleImpl(result, first,
LiteralFactory.getInstance().createTypedLiteral(iterator.next())));
- permissionMGraph.add(new TripleImpl(result, first,
+ permissionMGraph.add(new TripleImpl(result, rest,
createList(iterator, permissionMGraph)));
return result;
@@ -187,6 +187,7 @@ public class TcAccessController {
try {
final LockableMGraph permissionMGraph =
tcManager.getMGraph(permissionGraphName);
Lock l = permissionMGraph.getLock().readLock();
+ l.lock();
try {
Triple t =
permissionMGraph.filter(tripleCollectionUri, readPermissionListProperty,
null).next();
NonLiteral list = (NonLiteral) t.getObject();
@@ -215,4 +216,12 @@ public class TcAccessController {
String value =
LiteralFactory.getInstance().createObject(String.class, firstValue);
target.addFirst(value);
}
+
+ private LockableMGraph getOrCreatePermisionGraph() {
+ try {
+ return tcManager.getMGraph(permissionGraphName);
+ } catch (NoSuchEntityException e) {
+ return tcManager.createMGraph(permissionGraphName);
+ }
+ }
}
Modified:
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/test/java/org/apache/clerezza/rdf/core/access/SecurityTest.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/test/java/org/apache/clerezza/rdf/core/access/SecurityTest.java?rev=964423&r1=964422&r2=964423&view=diff
==============================================================================
---
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/test/java/org/apache/clerezza/rdf/core/access/SecurityTest.java
(original)
+++
incubator/clerezza/issues/CLEREZZA-253/org.apache.clerezza.rdf.core/src/test/java/org/apache/clerezza/rdf/core/access/SecurityTest.java
Thu Jul 15 13:40:24 2010
@@ -26,6 +26,7 @@ import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
+import java.util.Collections;
import java.util.PropertyPermission;
import org.junit.After;
import org.junit.AfterClass;
@@ -34,6 +35,7 @@ import org.junit.BeforeClass;
import org.junit.Test;
import org.apache.clerezza.rdf.core.MGraph;
import org.apache.clerezza.rdf.core.Triple;
+import org.apache.clerezza.rdf.core.TripleCollection;
import org.apache.clerezza.rdf.core.UriRef;
import org.apache.clerezza.rdf.core.access.providers.WeightedA;
import org.apache.clerezza.rdf.core.access.providers.WeightedDummy;
@@ -75,10 +77,12 @@ public class SecurityTest {
result.add(new
TcPermission("http://example.org/graph/alreadyexists";, "readwrite"));
result.add(new
TcPermission("http://example.org/read/graph";, "read"));
result.add(new
TcPermission("http://example.org/area/allowed/*";, "readwrite"));
+ result.add(new
TcPermission("http://zz.localhost/graph-access.graph";, "readwrite"));
//result.add(new AllPermission());
result.add(new RuntimePermission("*"));
result.add(new
ReflectPermission("suppressAccessChecks"));
- result.add(new
PropertyPermission("user.timezone", "read"));
+ result.add(new PropertyPermission("*", "read"));
+ //(java.util.PropertyPermission line.separator
read)
result.add(new FilePermission("/-",
"read,write"));
return result;
}
@@ -125,6 +129,17 @@ public class SecurityTest {
public void testAcessForbiddenGraph() {
TcManager.getInstance().getGraph(new
UriRef("http://example.org/forbidden";));
}
+
+ @Test(expected=NoSuchEntityException.class)
+ public void testCustomPermissions() {
+ UriRef graphUri = new UriRef("http://example.org/custom";);
+
TcManager.getInstance().getTcAccessController().setRequiredReadPermissions(graphUri,
+
Collections.singletonList("(java.io.FilePermission \"/etc\" \"write\")"));
+ //new FilePermission("/etc", "write").toString()));
+ TripleCollection ag = TcManager.getInstance().getTriples(new
UriRef("http://zz.localhost/graph-access.graph";));
+ System.out.print(ag.toString());
+ TcManager.getInstance().getMGraph(graphUri);
+ }
@Test(expected=EntityAlreadyExistsException.class)
public void testCreateMGraph() {
