This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.repoinit-1.1.4 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-repoinit.git
commit 80890cc3957d01f8e40ccec926839711a171da00 Author: Bertrand Delacretaz <[email protected]> AuthorDate: Mon Jan 16 10:49:27 2017 +0000 SLING-6423 - GeneralAclTest, including tests that fail until ACLOptions are implemented here - contributed by Nitin Nizhawan, thanks! git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/repoinit@1779005 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/sling/jcr/repoinit/GeneralAclTest.java | 257 +++++++++++++++++++++ 1 file changed, 257 insertions(+) diff --git a/src/test/java/org/apache/sling/jcr/repoinit/GeneralAclTest.java b/src/test/java/org/apache/sling/jcr/repoinit/GeneralAclTest.java index 764fa10..8799937 100644 --- a/src/test/java/org/apache/sling/jcr/repoinit/GeneralAclTest.java +++ b/src/test/java/org/apache/sling/jcr/repoinit/GeneralAclTest.java @@ -42,12 +42,20 @@ public class GeneralAclTest { public final SlingContext context = new SlingContext(ResourceResolverType.JCR_OAK); private TestUtil U; + private String userA; + private String userB; + private Session s; @Before public void setup() throws RepositoryException, RepoInitParsingException { U = new TestUtil(context); + userA = "userA_" + U.id; + userB = "userB_" + U.id; U.parseAndExecute("create service user " + U.username); + U.parseAndExecute("create service user " + userA); + U.parseAndExecute("create service user " + userB); + s = U.loginService(U.username); } @@ -136,4 +144,253 @@ public class GeneralAclTest { s.logout(); } } + + + /** + * Verifies success/failure of adding a child + * @param username + * @param nodeName + * @param successExpected + * @throws RepositoryException + */ + private void verifyAddChildNode(String username,String nodeName, boolean successExpected) throws RepositoryException { + Session userSession = U.loginService(username); + try { + Node rootNode = userSession.getRootNode(); + rootNode.addNode(nodeName); + userSession.save(); + assertTrue(successExpected); + } catch(Exception e) { + assertTrue(!successExpected); + } finally { + if(userSession != null) { + userSession.logout(); + } + } + } + + /** + * Verifies success/failure of adding a properties + * @param username + * @param nodeName + * @param propertyName + * @param successExpected + * @throws RepositoryException + */ + private void verifyAddProperty(String username,String nodeName,String propertyName, boolean successExpected) throws RepositoryException { + Session userSession = U.loginService(username); + try { + Node rootNode = userSession.getRootNode(); + Node node = rootNode.getNode(nodeName); + node.setProperty(propertyName,"test"); + userSession.save(); + assertTrue(successExpected); + } catch(Exception e) { + assertTrue(!successExpected); + } finally { + if(userSession != null) { + userSession.logout(); + } + } + } + + + + /** + * Verifies that ACEs for existing principal are replaced + */ + // @Test + public void mergeMode_ReplaceExistingPrincipalTest() throws Exception { + final String initialAclSetup = + " set ACL for " + userA + "\n" + + "allow jcr:read,jcr:addChildNodes on / \n" + + "end" + ; + + final String aclsToBeMerged = + " set ACL for " + userA + " (ACLOptions=merge)\n" + + "allow jcr:read on / \n" + + "allow jcr:modifyProperties on / \n" + + "end" + ; + + U.parseAndExecute(initialAclSetup); + // verify that setup is correct + verifyAddChildNode(userA, "A1_" + U.id, true); // add node should succeed + verifyAddProperty(userA,"A1_"+U.id,"Prop1",false); // add property should fail + + //now merge acls + U.parseAndExecute(aclsToBeMerged); + + //verify merged ACLs + verifyAddChildNode(userA, "A2_" + U.id, false); // add node should fail + verifyAddProperty(userA,"A1_"+U.id,"prop2",true);// add property should succeed + + } + + + /** + * Verify that ACLs for new principal are added + * @throws Exception + */ + // @Test + public void mergeMode_AddAceTest() throws Exception { + final String initialAclSetup = + "set ACL for " + userA + "\n" + + "allow jcr:read,jcr:write on /\n" + + "end \n" + ; + + // userA,jcr:write ACE will be removed, + // userB ACE will be added + final String aclsToBeMerged = + "set ACL on / (ACLOptions=merge) \n" + + "allow jcr:read for " + userA + "\n" + + "allow jcr:read,jcr:write for " + userB + "\n" + + "end \n" + ; + + U.parseAndExecute(initialAclSetup); + // verify that setup is correct + verifyAddChildNode(userA, "A1_" + U.id, true); + verifyAddChildNode(userB, "B1_" + U.id, false); + //now merge acls + U.parseAndExecute(aclsToBeMerged); + + //verify merged ACLs + verifyAddChildNode(userA, "A2_" + U.id, false); + verifyAddChildNode(userB, "B2_" + U.id, true); + + } + + /** + * Verify that ACEs for unspecified principal are preserved + * @throws Exception + */ + //@Test + public void mergeMode_PreserveAceTest() throws Exception { + final String initialAclSetup = + "set ACL on / \n" + + "allow jcr:read,jcr:write for " + userA + "\n" + + "allow jcr:read,jcr:write for " + userB + "\n" + + "end \n" + ; + + // userB ACE will be preserved + final String aclsToBeMerged = + "set ACL on / (ACLOptions=merge) \n" + + "allow jcr:read for " + userA + "\n" + + "end \n" + ; + + U.parseAndExecute(initialAclSetup); + // verify that setup is correct + verifyAddChildNode(userA, "A1_" + U.id, true); + verifyAddChildNode(userB, "B1_" + U.id, true); + + //now merge acls + U.parseAndExecute(aclsToBeMerged); + + //verify merged ACLs + verifyAddChildNode(userA, "A2_" + U.id, false); + verifyAddChildNode(userB, "B2_" + U.id, true); + + } + + + /** + * Verifiy that ACE for non-existing principal are added + * @throws Exception + */ + //@Test + public void mergePreserveMode_AddAceTest() throws Exception{ + final String initialAclSetup = + " set ACL for " + userB + "\n" + + "allow jcr:read,jcr:write on /\n" + + "end \n" + ; + + final String aclsToBeMerged = + "set ACL for " + userA + " (ACLOptions=mergePreserve)\n" + + "allow jcr:read,jcr:write on / \n" + + "end \n" + ; + + U.parseAndExecute(initialAclSetup); + // verify that setup is correct + verifyAddChildNode(userA, "A1_" + U.id, false); + verifyAddChildNode(userB, "B1_" + U.id, true); + + //now merge acls + U.parseAndExecute(aclsToBeMerged); + + //verify merged ACLs + verifyAddChildNode(userA, "A2_" + U.id, true); + verifyAddChildNode(userB, "B2_" + U.id, true); + } + + + /** + * Verify that ACE for existing principal are ignored + * @throws Exception + */ + //@Test + public void mergePreserveMode_IgnoreAceTest() throws Exception { + final String initialAclSetup = + "set ACL for " + userA + "\n" + + "allow jcr:read,jcr:addChildNodes on /\n" + + "end" + ; + + final String aclsToBeMerged = + " set ACL for " + userA + " (ACLOptions=mergePreserve) \n" + + "allow jcr:read,jcr:modifyProperties on / \n" + + "end \n" + ; + + U.parseAndExecute(initialAclSetup); + // verify that setup is correct + verifyAddChildNode(userA, "A1_" + U.id, true); // add node should succeed + verifyAddProperty(userA, "A1_" + U.id, "Prop1", false); // add property should fail + + //now merge acls + U.parseAndExecute(aclsToBeMerged); + + //verify merged ACLs + verifyAddChildNode(userA, "A2_" + U.id, true); // add node should succeed + verifyAddProperty(userA, "A2_" + U.id, "Prop1", false); // add property should fail + } + + + /** + * Verify that ACE for unspecified principal are preserved + * @throws Exception + */ + //@Test + public void mergePreserveMode_PreserveAceTest() throws Exception { + final String initialAclSetup = + " set ACL on /\n" + + "allow jcr:read, jcr:write for " + userA + " , " + userB + "\n" + + "end \n" + ; + + // ACL for userA will be ignored but added for userB + final String aclsToBeMerged = + " set ACL for " + userA + " (ACLOptions=mergePreserve) \n" + + "allow jcr:read on / \n" + + "end \n" + ; + + U.parseAndExecute(initialAclSetup); + // verify that setup is correct + verifyAddChildNode(userA, "A1_" + U.id, true); + verifyAddChildNode(userB, "B1_" + U.id, true); + + //now merge acls + U.parseAndExecute(aclsToBeMerged); + + //verify merged ACLs + verifyAddChildNode(userA, "A2_" + U.id, true); + verifyAddChildNode(userB, "B2_" + U.id, true); + } } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
