Author: rombert
Date: Thu Aug 24 14:35:24 2017
New Revision: 1806050
URL: http://svn.apache.org/viewvc?rev=1806050&view=rev
Log:
SLING-3224 - GetAclTest integration test fails due to incorrect
privilege expansion in AbstractGetAclServlet
Removed correct test this time.
Modified:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/GetAclTest.java
Modified:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/GetAclTest.java
URL:
http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/GetAclTest.java?rev=1806050&r1=1806049&r2=1806050&view=diff
==============================================================================
---
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/GetAclTest.java
(original)
+++
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/GetAclTest.java
Thu Aug 24 14:35:24 2017
@@ -39,7 +39,6 @@ import org.apache.sling.commons.testing.
import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
import org.junit.After;
import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Test;
/**
@@ -216,7 +215,7 @@ public class GetAclTest {
* Test for SLING-2600, Effective ACL servlet returns incorrect
information
*/
@Test
- public void testEffectiveAclMergeForUser_MorePrivilegesGrantedOnChild()
throws IOException, JsonException {
+ public void
testEffectiveAclMergeForUser_FewerPrivilegesGrantedOnChild() throws
IOException, JsonException {
testUserId = H.createTestUser();
String testFolderUrl = H.createTestFolder("{
\"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\",
\"child\" : { \"childPropOne\" : true } }");
@@ -226,7 +225,7 @@ public class GetAclTest {
//1. create an initial set of privileges
List<NameValuePair> postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testUserId));
- postParams.add(new NameValuePair("privilege@jcr:write",
"granted"));
+ postParams.add(new NameValuePair("privilege@jcr:all",
"granted"));
Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
@@ -235,7 +234,7 @@ public class GetAclTest {
postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testUserId));
- postParams.add(new NameValuePair("privilege@jcr:all",
"granted"));
+ postParams.add(new NameValuePair("privilege@jcr:write",
"granted"));
postUrl = testFolderUrl + "/child.modifyAce.html";
H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
@@ -270,8 +269,8 @@ public class GetAclTest {
/**
* Test for SLING-2600, Effective ACL servlet returns incorrect
information
*/
- @Test
- public void
testEffectiveAclMergeForUser_SubsetOfPrivilegesDeniedOnChild() throws
IOException, JsonException {
+ @Test
+ public void testEffectiveAclMergeForUser_MorePrivilegesGrantedOnChild()
throws IOException, JsonException {
testUserId = H.createTestUser();
String testFolderUrl = H.createTestFolder("{
\"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\",
\"child\" : { \"childPropOne\" : true } }");
@@ -281,14 +280,16 @@ public class GetAclTest {
//1. create an initial set of privileges
List<NameValuePair> postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testUserId));
- postParams.add(new NameValuePair("privilege@jcr:all",
"granted"));
+ postParams.add(new NameValuePair("privilege@jcr:write",
"granted"));
Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
+ H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
+
postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testUserId));
- postParams.add(new NameValuePair("privilege@jcr:write",
"denied"));
+ postParams.add(new NameValuePair("privilege@jcr:all",
"granted"));
postUrl = testFolderUrl + "/child.modifyAce.html";
H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
@@ -309,36 +310,15 @@ public class GetAclTest {
JsonArray grantedArray = aceObject.getJsonArray("granted");
assertNotNull(grantedArray);
- assertTrue(grantedArray.size() >= 8);
+ assertEquals(1, grantedArray.size());
Set<String> grantedPrivilegeNames = new HashSet<String>();
for (int i=0; i < grantedArray.size(); i++) {
grantedPrivilegeNames.add(grantedArray.getString(i));
}
- H.assertPrivilege(grantedPrivilegeNames,false,"jcr:all");
- H.assertPrivilege(grantedPrivilegeNames,false,"jcr:write");
- H.assertPrivilege(grantedPrivilegeNames,true,"jcr:read");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:readAccessControl");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:modifyAccessControl");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:lockManagement");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:versionManagement");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:nodeTypeManagement");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:retentionManagement");
-
H.assertPrivilege(grantedPrivilegeNames,true,"jcr:lifecycleManagement");
- //jcr:write aggregate privileges should be denied
-
H.assertPrivilege(grantedPrivilegeNames,false,"jcr:modifyProperties");
-
H.assertPrivilege(grantedPrivilegeNames,false,"jcr:addChildNodes");
- H.assertPrivilege(grantedPrivilegeNames,false,"jcr:removeNode");
-
H.assertPrivilege(grantedPrivilegeNames,false,"jcr:removeChildNodes");
-
-
- JsonArray deniedArray = aceObject.getJsonArray("denied");
- assertNotNull(deniedArray);
- assertEquals(1, deniedArray.size());
- Set<String> deniedPrivilegeNames = new HashSet<String>();
- for (int i=0; i < deniedArray.size(); i++) {
- deniedPrivilegeNames.add(deniedArray.getString(i));
- }
- H.assertPrivilege(deniedPrivilegeNames, true, "jcr:write");
+ H.assertPrivilege(grantedPrivilegeNames,true,"jcr:all");
+
+ Object deniedArray = aceObject.get("denied");
+ assertNull(deniedArray);
}
/**