This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-resourceaccesssecurity-it.git
commit bf5fceb164d7e9d7789868891b53028255d3f699 Author: Mike Müller <[email protected]> AuthorDate: Wed Mar 19 12:40:59 2014 +0000 SLING-3458 - Restrictions imposed by ProviderResourceAccessSecurity should not be discarded by ApplicationResourceAccessSecurity, SLING-3462 - Make ResourceAccessSecurity provider context and application context behave the same way git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@1579213 13f79535-47bb-0310-9956-ffa450edef68 --- pom.xml | 9 ++-- .../it/impl/gates/AResourceAccessGate.java | 4 +- .../it/impl/gates/ApplicationGate1.java | 2 +- .../it/impl/gates/ApplicationGate2.java | 2 +- ...ationGate1.java => ApplicationGateDefault.java} | 55 +++++++++++++++++++--- .../it/impl/gates/FinalApplicationGate1.java | 2 +- .../it/impl/gates/FinalApplicationGate2.java | 2 +- .../it/impl/gates/FinalProviderGate1.java | 2 +- .../it/impl/gates/FinalProviderGate2.java | 2 +- .../it/impl/gates/ProviderGate1.java | 2 +- .../it/impl/gates/ProviderGate2.java | 2 +- .../SecuredReadAndUpdateResourceProvider.java | 2 +- .../secured/SecuredReadResourceProvider.java | 2 +- .../unsecured/UnsecuredReadAndUpdateProvider.java | 2 +- .../providers/unsecured/UnsecuredReadProvider.java | 2 +- .../SecuredProviderResourceAccessSecurityTest.java | 53 ++++++++++++++++----- ...nsecuredProviderResourceAccessSecurityTest.java | 6 +-- 17 files changed, 111 insertions(+), 40 deletions(-) diff --git a/pom.xml b/pom.xml index df72294..ed5a5cc 100644 --- a/pom.xml +++ b/pom.xml @@ -31,9 +31,9 @@ <version>0.0.1-SNAPSHOT</version> <packaging>bundle</packaging> - <name>Apache Resource Access Security Integration Tests</name> + <name>Apache Sling Resource Access Security Integration Tests</name> <description> - Project hat tests functionality for org.apache.sling.resourceaccesssecurity and org.apache.sling.jcr.resourcesecurity bundles. + Project that tests functionality for org.apache.sling.resourceaccesssecurity bundle. </description> <!-- @@ -71,8 +71,8 @@ <test.server.password /> <!-- Options for the VM that executes our runnable jar --> - <!--<jar.executor.vm.options>-Xmx512m -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 -Xnoagent -Djava.compiler=NONE</jar.executor.vm.options> --> - <jar.executor.vm.options>-Xmx512m</jar.executor.vm.options> + <!--<jar.executor.vm.options>-Xmx512m -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 -Xnoagent -Djava.compiler=NONE</jar.executor.vm.options> --> + <jar.executor.vm.options>-Xmx512m</jar.executor.vm.options> <!-- Change this to use longer or shorter timeouts for testing --> <sling.testing.timeout.multiplier>1.0</sling.testing.timeout.multiplier> @@ -254,7 +254,6 @@ --> <sling.additional.bundle.5>org.apache.sling.resourceaccesssecurity-</sling.additional.bundle.5> - <sling.additional.bundle.6>org.apache.sling.jcr.resourcesecurity-</sling.additional.bundle.6> <sling.additional.bundle.7>${project.build.finalName}.jar</sling.additional.bundle.7> </systemPropertyVariables> </configuration> diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/AResourceAccessGate.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/AResourceAccessGate.java index 075e9fb..01c5ca5 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/AResourceAccessGate.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/AResourceAccessGate.java @@ -47,7 +47,7 @@ public abstract class AResourceAccessGate extends AllowingResourceAccessGate imp @Override public GateResult canRead(Resource resource) { - GateResult returnValue = GateResult.DONTCARE; + GateResult returnValue = GateResult.CANT_DECIDE; if ( resource.getPath().contains( getGateId() + "-denyread") ) { @@ -68,7 +68,7 @@ public abstract class AResourceAccessGate extends AllowingResourceAccessGate imp @Override public GateResult canUpdate(Resource resource) { - GateResult returnValue = GateResult.DONTCARE; + GateResult returnValue = GateResult.CANT_DECIDE; if ( resource.getPath().contains( getGateId() + "-denyupdate") ) { diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate1.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate1.java index dc5982f..766875f 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate1.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate1.java @@ -33,7 +33,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(app|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.OPERATIONS, value="read,update", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.APPLICATION_CONTEXT, propertyPrivate=true) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate2.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate2.java index d927be0..899e585 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate2.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGate2.java @@ -33,7 +33,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(app|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.OPERATIONS, value="read,update", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.APPLICATION_CONTEXT, propertyPrivate=true) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGateDefault.java similarity index 51% copy from src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java copy to src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGateDefault.java index 47b4c97..51fdd83 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ApplicationGateDefault.java @@ -27,24 +27,65 @@ import org.apache.sling.api.resource.Resource; import org.apache.sling.api.resource.ResourceResolver; import org.apache.sling.resourceaccesssecurity.AllowingResourceAccessGate; import org.apache.sling.resourceaccesssecurity.ResourceAccessGate; +import org.apache.sling.resourceaccesssecurity.ResourceAccessGate.GateResult; import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="^((?!(/test/secured-provider/read|/test/unsecured-provider/read)).*|/test/(un|)secured-provider/read(-update|)/prov/.*)", description="The path is a regular expression for which resources the service should be called"), - @Property(name=ResourceAccessGate.FINALOPERATIONS, value="read,update", propertyPrivate=true), + @Property(name=ResourceAccessGate.OPERATIONS, value="", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.APPLICATION_CONTEXT, propertyPrivate=true) }) -public class FinalApplicationGate1 extends AResourceAccessGate implements ResourceAccessGate { +public class ApplicationGateDefault extends AllowingResourceAccessGate implements ResourceAccessGate { - public static String GATE_ID = "finalappgate1"; - @Override - protected String getGateId() { - return GATE_ID; + public GateResult canRead(final Resource resource) { + return GateResult.GRANTED; } + @Override + public GateResult canCreate(final String absPathName, + final ResourceResolver resourceResolver) { + return GateResult.GRANTED; + } + + @Override + public GateResult canUpdate(final Resource resource) { + return GateResult.GRANTED; + } + + @Override + public GateResult canDelete(final Resource resource) { + return GateResult.GRANTED; + } + + @Override + public GateResult canExecute(final Resource resource) { + return GateResult.GRANTED; + } + + @Override + public GateResult canReadValue(final Resource resource, final String valueName) { + return GateResult.GRANTED; + } + + @Override + public GateResult canCreateValue(final Resource resource, final String valueName) { + return GateResult.GRANTED; + } + + @Override + public GateResult canUpdateValue(final Resource resource, final String valueName) { + return GateResult.GRANTED; + } + + @Override + public GateResult canDeleteValue(final Resource resource, final String valueName) { + return GateResult.GRANTED; + } + + } diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java index 47b4c97..c31eba2 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate1.java @@ -33,7 +33,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(app|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.FINALOPERATIONS, value="read,update", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.APPLICATION_CONTEXT, propertyPrivate=true) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate2.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate2.java index 7a95703..05f6646 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate2.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalApplicationGate2.java @@ -33,7 +33,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(app|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.FINALOPERATIONS, value="read,update", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.APPLICATION_CONTEXT, propertyPrivate=true) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate1.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate1.java index 445a706..34f1b28 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate1.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate1.java @@ -34,7 +34,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(prov|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.FINALOPERATIONS, value="read,update", propertyPrivate=true), @Property(name = Constants.SERVICE_RANKING, intValue = 10, propertyPrivate = false), diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate2.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate2.java index ff86ff9..d6653a7 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate2.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/FinalProviderGate2.java @@ -34,7 +34,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(prov|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.FINALOPERATIONS, value="read,update", propertyPrivate=true), @Property(name = Constants.SERVICE_RANKING, intValue = 5, propertyPrivate = false), diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate1.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate1.java index 7b6d773..10e2a13 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate1.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate1.java @@ -27,7 +27,7 @@ import org.apache.sling.resourceaccesssecurity.ResourceAccessGate; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(prov|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.OPERATIONS, value="read,update", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.PROVIDER_CONTEXT, propertyPrivate=true) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate2.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate2.java index 8dda05d..a397bd2 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate2.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/gates/ProviderGate2.java @@ -33,7 +33,7 @@ import java.util.Map; @Component @Service(value=ResourceAccessGate.class) @Properties({ - @Property(name=ResourceAccessGate.PATH, label="Path", + @Property(name=ResourceAccessGate.PATH, label="Path", value="/test/(un|)secured-provider/read(-update|)/(prov|mixed)/.*", description="The path is a regular expression for which resources the service should be called"), @Property(name=ResourceAccessGate.OPERATIONS, value="read,update", propertyPrivate=true), @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.PROVIDER_CONTEXT, propertyPrivate=true) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadAndUpdateResourceProvider.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadAndUpdateResourceProvider.java index 9a75601..60d7579 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadAndUpdateResourceProvider.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadAndUpdateResourceProvider.java @@ -38,7 +38,7 @@ import java.util.concurrent.ConcurrentHashMap; @Component(metatype = true, label = "Secured ResourceProvider") @Service(value = ResourceProvider.class) @Properties({ - @Property(name = ResourceProvider.ROOTS, value = "/providers/secured/read-update" ), + @Property(name = ResourceProvider.ROOTS, value = "/test/secured-provider/read-update" ), @Property(name = ResourceProvider.USE_RESOURCE_ACCESS_SECURITY, boolValue=true, propertyPrivate=true), @Property(name = ResourceProvider.OWNS_ROOTS, boolValue=true, propertyPrivate=true) }) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadResourceProvider.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadResourceProvider.java index a6dcddd..e3419b8 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadResourceProvider.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/secured/SecuredReadResourceProvider.java @@ -28,7 +28,7 @@ import org.apache.sling.resourceaccesssecurity.it.impl.providers.SimpleResourceP @Component(metatype = true, label = "Secured ResourceProvider") @Service(value = ResourceProvider.class) @Properties({ - @Property(name = ResourceProvider.ROOTS, value = "/providers/secured/read" ), + @Property(name = ResourceProvider.ROOTS, value = "/test/secured-provider/read" ), @Property(name = ResourceProvider.USE_RESOURCE_ACCESS_SECURITY, boolValue=true, propertyPrivate=true), @Property(name = ResourceProvider.OWNS_ROOTS, boolValue=true, propertyPrivate=true) }) diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadAndUpdateProvider.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadAndUpdateProvider.java index a34ef8c..e477f47 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadAndUpdateProvider.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadAndUpdateProvider.java @@ -12,7 +12,7 @@ import org.apache.sling.resourceaccesssecurity.it.impl.providers.SimpleResourceP @Component(metatype = true, label = "Unsecured ResourceProvider") @Service(value = ResourceProvider.class) @Properties({ - @Property(name = ResourceProvider.ROOTS, value = "/providers/unsecured/read-update" ) + @Property(name = ResourceProvider.ROOTS, value = "/test/unsecured-provider/read-update" ) }) public class UnsecuredReadAndUpdateProvider extends SimpleModifiableResourceProvider implements ResourceProvider { diff --git a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadProvider.java b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadProvider.java index 7ee83c2..579f85d 100644 --- a/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadProvider.java +++ b/src/main/java/org/apache/sling/resourceaccesssecurity/it/impl/providers/unsecured/UnsecuredReadProvider.java @@ -11,7 +11,7 @@ import org.apache.sling.resourceaccesssecurity.it.impl.providers.SimpleResourceP @Component(metatype = true, label = "Unsecured ResourceProvider") @Service(value = ResourceProvider.class) @Properties({ - @Property(name = ResourceProvider.ROOTS, value = "/providers/unsecured/read" ) + @Property(name = ResourceProvider.ROOTS, value = "/test/unsecured-provider/read" ) }) public class UnsecuredReadProvider extends SimpleResourceProvider implements ResourceProvider { diff --git a/src/test/java/org/apache/sling/resourceaccesssecurity/it/SecuredProviderResourceAccessSecurityTest.java b/src/test/java/org/apache/sling/resourceaccesssecurity/it/SecuredProviderResourceAccessSecurityTest.java index 4029002..c9a7e36 100644 --- a/src/test/java/org/apache/sling/resourceaccesssecurity/it/SecuredProviderResourceAccessSecurityTest.java +++ b/src/test/java/org/apache/sling/resourceaccesssecurity/it/SecuredProviderResourceAccessSecurityTest.java @@ -22,9 +22,8 @@ import org.junit.Test; public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSecurityTestBase { - @Test public void testNonExistingResource() throws Exception { - String path = "/providers/secured/noresource.json"; + String path = "/test/secured-provider/noresource.json"; testRead(getServerUsername(), getServerPassword(), path, 404); testRead(getTestUsername(), getTestPassword(), path, 404); @@ -32,7 +31,7 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testAllowedReadAccess() throws Exception { - String path = "/providers/secured/read/providergate1-allowread_providergate2-denyread/test.json"; + String path = "/test/secured-provider/read/prov/providergate1-allowread_providergate2-denyread/test.json"; testRead(getServerUsername(), getServerPassword(), path, 200); testRead(getTestUsername(), getTestPassword(), path, 200); @@ -41,7 +40,7 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testDeniedReadAccessFromNonModifiableProvider() throws Exception { - String path = "/providers/secured/read/providergate1-denyread/test.json"; + String path = "/test/secured-provider/read/prov/providergate1-denyread/test.json"; testRead(getServerUsername(), getServerPassword(), path, 404); testRead(getTestUsername(), getTestPassword(), path, 404); @@ -50,7 +49,7 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testDeniedReadAccessFromModifiableProvider() throws Exception { - String path = "/providers/secured/read-update/providergate1-denyread/test.json"; + String path = "/test/secured-provider/read-update/prov/providergate1-denyread/test.json"; testRead(getServerUsername(), getServerPassword(), path, 404); testRead(getTestUsername(), getTestPassword(), path, 404); @@ -59,7 +58,7 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testNotDefinedReadAccess() throws Exception { - String path = "/providers/secured/read-update/providergate2-denyupdate/test.json"; + String path = "/test/secured-provider/read-update/prov/providergate2-denyupdate/test.json"; testRead(getServerUsername(), getServerPassword(), path, 404); testRead(getTestUsername(), getTestPassword(), path, 404); @@ -69,7 +68,7 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testAllowedReadAndUpdate() throws Exception { - String path = "/providers/secured/read-update/providergate2-allowupdate_providergate1-allowread/test.json"; + String path = "/test/secured-provider/read-update/prov/providergate2-allowupdate_providergate1-allowread/test.json"; testRead(getTestUsername(), getTestPassword(), path, 200); testUpdate(getTestUsername(), getTestPassword(), path, 200); @@ -78,14 +77,14 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testUpdateAllowedUpdateAllowedRead() throws Exception { - String allowPath = "/providers/secured/read-update/providergate1-allowread_providergate1-allowupdate/test.json"; + String allowPath = "/test/secured-provider/read-update/prov/providergate1-allowread_providergate1-allowupdate/test.json"; testUpdate(getTestUsername(), getTestPassword(), allowPath, 200); } @Test public void testUpdateAllowedUpdateDeniedRead() throws Exception { - String path = "/providers/secured/read-update/providergate2-allowupdate_providergate1-denyread/test.json"; + String path = "/test/secured-provider/read-update/prov/providergate2-allowupdate_providergate1-denyread/test.json"; testRead(getTestUsername(), getTestPassword(), path, 404); testUpdate(getTestUsername(), getTestPassword(), path, 500, "UnsupportedOperationException"); @@ -93,7 +92,7 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testUpdateDeniedUpdateDeniedRead() throws Exception { - String path = "/providers/secured/read-update/providergate2-denyupdate_providergate1-denyread/test.json"; + String path = "/test/secured-provider/read-update/prov/providergate2-denyupdate_providergate1-denyread/test.json"; testRead(getTestUsername(), getTestPassword(), path, 404); testUpdate(getTestUsername(), getTestPassword(), path, 500, "UnsupportedOperationException"); @@ -101,10 +100,42 @@ public class SecuredProviderResourceAccessSecurityTest extends ResourceAccessSec @Test public void testUpdateDeniedUpdateAllowedRead() throws Exception { - String path = "/providers/secured/read-update/providergate2-denyupdate_providergate1-allowread_appgate1-denyupdate/test.json"; + String path = "/test/secured-provider/read-update/prov/providergate2-denyupdate_providergate1-allowread/test.json"; testRead(getTestUsername(), getTestPassword(), path, 200); testUpdate(getTestUsername(), getTestPassword(), path, 500, "is not modifiable"); } + @Test + public void testReadOnlyApplicationAccessGatePresent() throws Exception { + String path = "/test/secured-provider/read/app/appgate1_allowread/test.json"; + + testRead(getTestUsername(), getTestPassword(), path, 404); + } + + @Test + public void testReadMixedAccessGatesPresent() throws Exception { + String path1 = "/test/secured-provider/read/mixed/appgate1-allowread_providergate1-denyread/test.json"; + String path2 = "/test/secured-provider/read/mixed/appgate1-denyread_providergate1-allowread/test.json"; + String path3 = "/test/secured-provider/read/mixed/appgate1-allowread_providergate1-allowread/test.json"; + + testRead(getTestUsername(), getTestPassword(), path1, 404); + testRead(getTestUsername(), getTestPassword(), path2, 404); + testRead(getTestUsername(), getTestPassword(), path3, 200); + } + + @Test + public void testReadNoAccessGatePresent() throws Exception { + String path = "/test/secured-provider/read/nogate/test.json"; + + testRead(getTestUsername(), getTestPassword(), path, 404); + } + + @Test + public void testUpdateNoAccessGatePresent() throws Exception { + String path = "/test/secured-provider/read-update/nogate/test.json"; + + testUpdate(getTestUsername(), getTestPassword(), path, 500, "UnsupportedOperationException"); + } + } diff --git a/src/test/java/org/apache/sling/resourceaccesssecurity/it/UnsecuredProviderResourceAccessSecurityTest.java b/src/test/java/org/apache/sling/resourceaccesssecurity/it/UnsecuredProviderResourceAccessSecurityTest.java index 7895dc6..b2351da 100644 --- a/src/test/java/org/apache/sling/resourceaccesssecurity/it/UnsecuredProviderResourceAccessSecurityTest.java +++ b/src/test/java/org/apache/sling/resourceaccesssecurity/it/UnsecuredProviderResourceAccessSecurityTest.java @@ -24,7 +24,7 @@ public class UnsecuredProviderResourceAccessSecurityTest extends ResourceAccessS @Test public void testDeniedReadAccess() throws Exception { - String path = "/providers/unsecured/read/providergate1-denyread/test.json"; + String path = "/test/unsecured-provider/read/prov/providergate1-denyread/test.json"; // can be read anyway testRead(getTestUsername(), getTestPassword(), path, 200); @@ -33,14 +33,14 @@ public class UnsecuredProviderResourceAccessSecurityTest extends ResourceAccessS @Test public void testReadNonExistingResource() throws Exception { - String path = "/providers/unsecured/nonexisting/test.json"; + String path = "/test/unsecured-provider/read/nonexisting/test.json"; testRead(getTestUsername(), getTestPassword(), path, 404); } @Test public void testReadFromNonExistingProvider() throws Exception { - String path = "/providers/nonexisting/test.json"; + String path = "/test/nonexisting/test.json"; testRead(getTestUsername(), getTestPassword(), path, 404); } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
