This is an automated email from the ASF dual-hosted git repository.
pauls pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-feature-cpconverter.git
The following commit(s) were added to refs/heads/master by this push:
new b8b0fa7 SLING-9960: AclManagerTest/RepPolicyEntryHandlerTest should
use realistic service user path (#42)
b8b0fa7 is described below
commit b8b0fa7b7a11c1d9c96261e5f30ca9d122444b60
Author: Karl Pauls <[email protected]>
AuthorDate: Thu Dec 10 16:00:22 2020 +0100
SLING-9960: AclManagerTest/RepPolicyEntryHandlerTest should use realistic
service user path (#42)
---
.../cpconverter/accesscontrol/AclManagerTest.java | 12 +++---
.../handlers/RepPolicyEntryHandlerTest.java | 38 +++++++++--------
.../jcr_root/home/users/system/asd/.content.xml | 19 +++++++++
.../jcr_root/home/users/system/asd/_rep_policy.xml | 48 ++++++++++++++++++++++
.../jcr_root/home/users/system/asd/license.txt | 14 +++++++
5 files changed, 107 insertions(+), 24 deletions(-)
diff --git
a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java
b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java
index 4254ab7..4b5d880 100644
---
a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java
+++
b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java
@@ -71,18 +71,18 @@ public class AclManagerTest {
@Test
public void makeSureAclsAreCreatedOnlyoutsideSytemUsersPaths() throws
Exception {
- aclManager.addSystemUser(new
SystemUser("acs-commons-ensure-oak-index-service", new
RepoPath("/asd/public/foo"), new RepoPath("/asd/public")));
+ aclManager.addSystemUser(new
SystemUser("acs-commons-ensure-oak-index-service", new
RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system")));
// emulate a second iteration of conversion
aclManager.reset();
- aclManager.addSystemUser(new
SystemUser("acs-commons-package-replication-status-event-service", new
RepoPath("/asd/public/foo"), new RepoPath("/asd/public")));
+ aclManager.addSystemUser(new
SystemUser("acs-commons-package-replication-status-event-service", new
RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system")));
aclManager.addAcl("acs-commons-ensure-oak-index-service", newAcl(true,
"jcr:read,rep:write,rep:indexDefinitionManagement",
"/asd/not/system/user/path"));
-
aclManager.addAcl("acs-commons-package-replication-status-event-service",
newAcl(true, "jcr:read,crx:replicate,jcr:removeNode", "/asd/public"));
+
aclManager.addAcl("acs-commons-package-replication-status-event-service",
newAcl(true, "jcr:read,crx:replicate,jcr:removeNode", "/home/users/system"));
// add an ACL for unknown user
- aclManager.addAcl("acs-commons-on-deploy-scripts-service",
newAcl(true, "jcr:read,crx:replicate,jcr:removeNode", "/asd/public"));
+ aclManager.addAcl("acs-commons-on-deploy-scripts-service",
newAcl(true, "jcr:read,crx:replicate,jcr:removeNode", "/home/users/system"));
VaultPackageAssembler assembler = mock(VaultPackageAssembler.class);
when(assembler.getEntry(anyString())).thenReturn(new
File(System.getProperty("java.io.tmpdir")));
@@ -98,8 +98,8 @@ public class AclManagerTest {
assertNotNull(repoinitExtension);
// acs-commons-on-deploy-scripts-service will be missed
- String expected = "create path (rep:AuthorizableFolder) /asd/public" +
System.lineSeparator() + // SLING-8586
- "create service user
acs-commons-package-replication-status-event-service with path /asd/public" +
System.lineSeparator() +
+ String expected = "create path (rep:AuthorizableFolder)
/home/users/system" + System.lineSeparator() + // SLING-8586
+ "create service user
acs-commons-package-replication-status-event-service with path
/home/users/system" + System.lineSeparator() +
"create path (sling:Folder) /asd" + System.lineSeparator() +
"create path (sling:Folder) /asd/not" + System.lineSeparator()
+
"create path (sling:Folder) /asd/not/system" +
System.lineSeparator() +
diff --git
a/src/test/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandlerTest.java
b/src/test/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandlerTest.java
index 3417800..b0ef6b4 100644
---
a/src/test/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandlerTest.java
+++
b/src/test/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandlerTest.java
@@ -94,30 +94,30 @@ public final class RepPolicyEntryHandlerTest {
assertEquals(ExtensionType.TEXT, repoinitExtension.getType());
// commented ACLs are due SLING-8561
- String expected = "create path (rep:AuthorizableFolder) /asd/public" +
System.lineSeparator() + // SLING-8586
- "create service user acs-commons-ensure-oak-index-service with
path /asd/public" + System.lineSeparator() +
+ String expected = "create path (rep:AuthorizableFolder)
/home/users/system" + System.lineSeparator() + // SLING-8586
+ "create service user acs-commons-ensure-oak-index-service with
path /home/users/system" + System.lineSeparator() +
// "create path (sling:Folder) /asd\n" +
// "create path (sling:Folder) /asd/public\n" +
// "set ACL for acs-commons-ensure-oak-index-service\n" +
// "allow jcr:read,rep:write,rep:indexDefinitionManagement on
/asd/public restriction(rep:glob,*/oak:index/*)\n" +
// "end\n" +
- "create service user acs-commons-dispatcher-flush-service with
path /asd/public" + System.lineSeparator() +
+ "create service user acs-commons-dispatcher-flush-service with
path /home/users/system" + System.lineSeparator() +
// "set ACL for acs-commons-dispatcher-flush-service\n" +
// "allow jcr:read,crx:replicate,jcr:removeNode on
/asd/public\n" +
// "end\n" +
- "create service user
acs-commons-package-replication-status-event-service with path /asd/public" +
System.lineSeparator() +
+ "create service user
acs-commons-package-replication-status-event-service with path
/home/users/system" + System.lineSeparator() +
// "set ACL for
acs-commons-package-replication-status-event-service\n" +
// "allow
jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl on
/asd/public\n" +
// "end\n" +
- "create service user acs-commons-ensure-service-user-service
with path /asd/public" + System.lineSeparator() +
+ "create service user acs-commons-ensure-service-user-service
with path /home/users/system" + System.lineSeparator() +
// "set ACL for acs-commons-ensure-service-user-service\n" +
// "allow
jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl on
/asd/public\n" +
// "end\n" +
- "create service user
acs-commons-automatic-package-replicator-service with path /asd/public" +
System.lineSeparator() +
+ "create service user
acs-commons-automatic-package-replicator-service with path /home/users/system"
+ System.lineSeparator() +
// "set ACL for
acs-commons-automatic-package-replicator-service\n" +
// "allow jcr:read on /asd/public\n" +
// "end\n" +
- "create service user acs-commons-on-deploy-scripts-service
with path /asd/public" + System.lineSeparator();
+ "create service user acs-commons-on-deploy-scripts-service
with path /home/users/system" + System.lineSeparator();
// "set ACL for acs-commons-on-deploy-scripts-service\n" +
// "allow jcr:read on /asd/public\n" +
// "end\n";
@@ -141,22 +141,22 @@ public final class RepPolicyEntryHandlerTest {
assertEquals(ExtensionType.TEXT, repoinitExtension.getType());
// commented ACLs are due SLING-8561
- String expected = "create path (rep:AuthorizableFolder) /asd/public" +
System.lineSeparator() + // SLING-8586
- "create service user
acs-commons-package-replication-status-event-service with path /asd/public" +
System.lineSeparator() +
+ String expected = "create path (rep:AuthorizableFolder)
/home/users/system" + System.lineSeparator() + // SLING-8586
+ "create service user
acs-commons-package-replication-status-event-service with path
/home/users/system" + System.lineSeparator() +
// "create path (sling:Folder) /asd\n" +
// "create path (sling:Folder) /asd/public\n" +
// "set ACL for
acs-commons-package-replication-status-event-service\n" +
// "allow
jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl on
/asd/public\n" +
// "end\n" +
- "create service user acs-commons-ensure-service-user-service
with path /asd/public" + System.lineSeparator() +
+ "create service user acs-commons-ensure-service-user-service
with path /home/users/system" + System.lineSeparator() +
// "set ACL for acs-commons-ensure-service-user-service\n" +
// "allow
jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl on
/asd/public\n" +
// "end\n" +
- "create service user
acs-commons-automatic-package-replicator-service with path /asd/public" +
System.lineSeparator() +
+ "create service user
acs-commons-automatic-package-replicator-service with path /home/users/system"
+ System.lineSeparator() +
// "set ACL for
acs-commons-automatic-package-replicator-service\n" +
// "allow jcr:read on /asd/public\n" +
// "end\n" +
- "create service user acs-commons-on-deploy-scripts-service
with path /asd/public" + System.lineSeparator();
+ "create service user acs-commons-on-deploy-scripts-service
with path /home/users/system" + System.lineSeparator();
//"set ACL for acs-commons-on-deploy-scripts-service\n" +
//"allow jcr:read on /asd/public\n" +
//"end\n";
@@ -190,10 +190,12 @@ public final class RepPolicyEntryHandlerTest {
String expected = "create path (rep:AuthorizableFolder)
/this/is/a/completely/different/path" + System.lineSeparator() + // SLING-8586
"create service user
acs-commons-package-replication-status-event-service with path
/this/is/a/completely/different/path" + System.lineSeparator() +
- "create path (sling:Folder) /asd" + System.lineSeparator() +
- "create path (sling:Folder) /asd/public" +
System.lineSeparator() +
+ "create path (sling:Folder) /home" + System.lineSeparator() +
+ "create path (sling:Folder) /home/users" +
System.lineSeparator() +
+ "create path (sling:Folder) /home/users/system" +
System.lineSeparator() +
+ "create path (sling:Folder) /home/users/system/asd" +
System.lineSeparator() +
"set ACL for
acs-commons-package-replication-status-event-service" + System.lineSeparator() +
- "allow
jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl on
/asd/public" + System.lineSeparator() +
+ "allow
jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl on
/home/users/system/asd" + System.lineSeparator() +
"end" + System.lineSeparator();
String actual = repoinitExtension.getText();
assertEquals(expected, actual);
@@ -225,8 +227,8 @@ public final class RepPolicyEntryHandlerTest {
}
private ParseResult parseAndSetRepoinit(String...systemUsersNames) throws
Exception {
- RepoPath alwaysTheSameOrgPath = new RepoPath("/asd/public/foo");
- RepoPath alwaysTheSameInterPath = new RepoPath("/asd/public");
+ RepoPath alwaysTheSameOrgPath = new RepoPath("/home/users/system/asd");
+ RepoPath alwaysTheSameInterPath = new RepoPath("/home/users/system");
SystemUser[] systemUsers = new SystemUser[systemUsersNames.length];
for (int i = 0; i < systemUsersNames.length; i++) {
@@ -237,7 +239,7 @@ public final class RepPolicyEntryHandlerTest {
}
private ParseResult parseAndSetRepoinit(SystemUser...systemUsers) throws
Exception {
- String path = "/jcr_root/asd/public/_rep_policy.xml";
+ String path = "/jcr_root/home/users/system/asd/_rep_policy.xml";
Archive archive = mock(Archive.class);
Entry entry = mock(Entry.class);
VaultPackageAssembler packageAssembler =
mock(VaultPackageAssembler.class);
diff --git
a/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/.content.xml
b/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/.content.xml
new file mode 100644
index 0000000..0589bcb
--- /dev/null
+++
b/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/.content.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with this
+ work for additional information regarding copyright ownership. The ASF
+ licenses this file to You under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ License for the specific language governing permissions and limitations under
+ the License.
+-->
+<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0";
xmlns:jcr="http://www.jcp.org/jcr/1.0";
+ jcr:primaryType="sling:Folder"/>
diff --git
a/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/_rep_policy.xml
b/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/_rep_policy.xml
new file mode 100644
index 0000000..66bb45c
--- /dev/null
+++
b/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/_rep_policy.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with this
+ work for additional information regarding copyright ownership. The ASF
+ licenses this file to You under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ License for the specific language governing permissions and limitations under
+ the License.
+-->
+<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0"; xmlns:rep="internal"
+ jcr:primaryType="rep:ACL">
+ <allow0
+ jcr:primaryType="rep:GrantACE"
+ rep:principalName="acs-commons-ensure-oak-index-service"
+
rep:privileges="{Name}[jcr:read,rep:write,rep:indexDefinitionManagement]">
+ <rep:restrictions
+ jcr:primaryType="rep:Restrictions"
+ rep:glob="{Name}[*/oak:index/*]"/>
+ </allow0>
+ <allow1
+ jcr:primaryType="rep:GrantACE"
+ rep:principalName="acs-commons-dispatcher-flush-service"
+ rep:privileges="{Name}[jcr:read,crx:replicate,jcr:removeNode]"/>
+ <allow2
+ jcr:primaryType="rep:GrantACE"
+
rep:principalName="acs-commons-package-replication-status-event-service"
+
rep:privileges="{Name}[jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl]"/>
+ <allow3
+ jcr:primaryType="rep:GrantACE"
+ rep:principalName="acs-commons-ensure-service-user-service"
+
rep:privileges="{Name}[jcr:read,rep:write,jcr:readAccessControl,jcr:modifyAccessControl]"/>
+ <allow4
+ jcr:primaryType="rep:GrantACE"
+
rep:principalName="acs-commons-automatic-package-replicator-service"
+ rep:privileges="{Name}[jcr:read]"/>
+ <allow5
+ jcr:primaryType="rep:GrantACE"
+ rep:principalName="acs-commons-on-deploy-scripts-service"
+ rep:privileges="{Name}[jcr:read]"/>
+</jcr:root>
diff --git
a/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/license.txt
b/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/license.txt
new file mode 100644
index 0000000..805f6a4
--- /dev/null
+++
b/src/test/resources/org/apache/sling/feature/cpconverter/handlers/jcr_root/home/users/system/asd/license.txt
@@ -0,0 +1,14 @@
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with this
+ work for additional information regarding copyright ownership. The ASF
+ licenses this file to You under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ License for the specific language governing permissions and limitations under
+ the License.
