Author: angela
Date: Thu Apr 11 15:55:25 2013
New Revision: 1466932
URL: http://svn.apache.org/r1466932
Log:
OAK-527: permissions (WIP: issue references and test descriptions)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/RenameTest.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
Thu Apr 11 15:55:25 2013
@@ -46,8 +46,8 @@ import static org.apache.jackrabbit.oak.
class PermissionValidator extends DefaultValidator {
/* TODO
- * - Renaming nodes or Move with same parent are reflected as remove+add
-> needs special handling
- * - Proper handling of jcr:nodeTypeManagement privilege.
+ * - OAK-710: Renaming nodes or Move with same parent are reflected as
remove+add -> needs special handling
+ * - OAK-711: Proper handling of jcr:nodeTypeManagement privilege.
*/
private final Tree parentBefore;
@@ -209,7 +209,7 @@ class PermissionValidator extends Defaul
} else if (provider.getUserContext().definesTree(tree)) {
perm = Permissions.USER_MANAGEMENT;
} else {
- // FIXME: identify renaming/move of nodes that only required
MODIFY_CHILD_NODE_COLLECTION permission
+ // FIXME: OAK-710 (identify renaming/move of nodes that only
required MODIFY_CHILD_NODE_COLLECTION permission)
perm = defaultPermission;
}
return perm;
@@ -222,7 +222,7 @@ class PermissionValidator extends Defaul
String name = propertyState.getName();
long perm;
if (JcrConstants.JCR_PRIMARYTYPE.equals(name) ||
JcrConstants.JCR_MIXINTYPES.equals(name)) {
- // FIXME: distinguish between autocreated and user-supplied
modification (?)
+ // FIXME: OAK-711 (distinguish between autocreated and
user-supplied modification (?))
// perm = Permissions.NODE_TYPE_MANAGEMENT;
perm = defaultPermission;
} else if (isLockProperty(name)) {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AbstractEvaluationTest.java
Thu Apr 11 15:55:25 2013
@@ -51,7 +51,7 @@ import org.junit.Before;
import static org.junit.Assert.assertArrayEquals;
/**
- * Base class for testing access control evaluation using JCR API.
+ * Base class for testing permission evaluation using JCR API.
*/
public abstract class AbstractEvaluationTest extends AbstractAccessControlTest
{
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
Thu Apr 11 15:55:25 2013
@@ -37,7 +37,7 @@ import org.junit.Ignore;
import org.junit.Test;
/**
- * AccessControlManagementTest... TODO
+ * Permission evaluation tests related to access control management.
*/
public class AccessControlManagementTest extends AbstractEvaluationTest {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/InheritanceTest.java
Thu Apr 11 15:55:25 2013
@@ -30,7 +30,7 @@ import org.junit.Ignore;
import org.junit.Test;
/**
- * InheritanceTest... TODO
+ * Permission evaluation tests focusing on inheritance.
*/
public class InheritanceTest extends AbstractEvaluationTest {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/MoveTest.java
Thu Apr 11 15:55:25 2013
@@ -25,9 +25,9 @@ import org.junit.Ignore;
import org.junit.Test;
/**
- * MoveTest... TODO
+ * Permission evaluation tests for move operations.
*/
-@Ignore("OAK-51 : permission validator doesn't detect move")
+@Ignore("OAK-710 : permission validator doesn't detect move")
public class MoveTest extends AbstractEvaluationTest {
private String nodePath3;
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NamespaceManagementTest.java
Thu Apr 11 15:55:25 2013
@@ -26,14 +26,14 @@ import javax.jcr.security.AccessControlP
import org.junit.After;
import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Test;
/**
- * NamespaceManagementTest... TODO
+ * Permission evaluation tests related to {@link #JCR_NAMESPACE_MANAGEMENT}
privilege.
*/
public class NamespaceManagementTest extends AbstractEvaluationTest {
+ // TODO: replace with JCR privilege constant (JSR-333)
private static final String JCR_NAMESPACE_MANAGEMENT =
"jcr:namespaceManagement";
@Override
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeDefinitionManagementTest.java
Thu Apr 11 15:55:25 2013
@@ -27,11 +27,13 @@ import org.junit.Before;
import org.junit.Test;
/**
- * NodeTypeDefinitionManagementTest... TODO
+ * Permission evaluation tests related to {@link
#JCR_NODE_TYPE_DEFINITION_MANAGEMENT} privilege.
*/
public class NodeTypeDefinitionManagementTest extends AbstractEvaluationTest {
+ // TODO: replace with JCR privilege constant (JSR-333)
private static final String JCR_NODE_TYPE_DEFINITION_MANAGEMENT =
"jcr:nodeTypeDefinitionManagement";
+
@Override
@Before
protected void setUp() throws Exception {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/NodeTypeManagementTest.java
Thu Apr 11 15:55:25 2013
@@ -30,9 +30,9 @@ import org.junit.Ignore;
import org.junit.Test;
/**
- * NodeTypeManagementTest... TODO
+ * Permission evaluation tests related to {@link
Privilege#JCR_NODE_TYPE_MANAGEMENT} privilege.
*/
-@Ignore("OAK-51 : permission validator doesn't detect changes to mixin/primary
type")
+@Ignore("OAK-711 : permission validator doesn't detect changes to
mixin/primary type")
public class NodeTypeManagementTest extends AbstractEvaluationTest {
private Node childNode;
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ObservationTest.java
Thu Apr 11 15:55:25 2013
@@ -23,7 +23,7 @@ import org.apache.jackrabbit.test.api.ob
import org.junit.Test;
/**
- * ObservationTest... TODO
+ * Permission evaluation tests related to observation.
*/
public class ObservationTest extends AbstractEvaluationTest {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/PrivilegeManagementTest.java
Thu Apr 11 15:55:25 2013
@@ -28,7 +28,7 @@ import org.apache.jackrabbit.test.NotExe
import org.junit.Test;
/**
- * PrivilegeManagementTest... TODO
+ * Permission evaluation tests related to {@link #REP_PRIVILEGE_MANAGEMENT}
privilege.
*/
public class PrivilegeManagementTest extends AbstractEvaluationTest {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ReadTest.java
Thu Apr 11 15:55:25 2013
@@ -27,7 +27,7 @@ import org.junit.Test;
import static org.junit.Assert.assertArrayEquals;
/**
- * ReadTest... TODO
+ * Permission evaluation tests related to {@link
javax.jcr.security.Privilege#JCR_READ} privilege.
*/
public class ReadTest extends AbstractEvaluationTest {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/RenameTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/RenameTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/RenameTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/RenameTest.java
Thu Apr 11 15:55:25 2013
@@ -23,11 +23,9 @@ import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitNode;
import org.junit.Ignore;
import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
/**
- * RenameTest... TODO
+ * Permission evaluation tests related to {@link
JackrabbitNode#rename(String)}.
*/
@Ignore("OAK-770 : NodeImpl doesn't implement JackrabbitNode#rename")
public class RenameTest extends AbstractEvaluationTest {
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java?rev=1466932&r1=1466931&r2=1466932&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/WriteTest.java
Thu Apr 11 15:55:25 2013
@@ -33,7 +33,7 @@ import org.junit.Ignore;
import org.junit.Test;
/**
- * WriteTest... TODO
+ * Permission evaluation tests related to write operations.
*/
public class WriteTest extends AbstractEvaluationTest {
