Author: angela
Date: Wed Jul 3 12:28:12 2013
New Revision: 1499363
URL: http://svn.apache.org/r1499363
Log:
OAK-527: permissions (tests)
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/UserManagementTest.java
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/UserManagementTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/UserManagementTest.java?rev=1499363&r1=1499362&r2=1499363&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/UserManagementTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/UserManagementTest.java
Wed Jul 3 12:28:12 2013
@@ -16,8 +16,13 @@
*/
package org.apache.jackrabbit.oak.jcr.security.authorization;
+import java.util.HashSet;
+import java.util.Iterator;
import java.util.List;
+import java.util.Set;
import javax.jcr.AccessDeniedException;
+import javax.jcr.NodeIterator;
+import javax.jcr.query.Query;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.Privilege;
@@ -29,6 +34,8 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.UserManager;
import
org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.util.Text;
import org.junit.Before;
import org.junit.Test;
@@ -354,4 +361,35 @@ public class UserManagementTest extends
a.removeProperty("someProperty");
testSession.save();
}
+
+ /**
+ * @see <a href="https://issues.apache.org/jira/browse/JCR-3412";>JCR-3412 :
+ * UserManager.findAuthorizables() does not work, if session does not have
+ * read access to common root of all user and groups. </a>
+ */
+ @Test
+ public void testFindAuthorizables() throws Exception {
+ String home = Text.getRelativeParent(UserConstants.DEFAULT_USER_PATH,
1);
+ deny(home, privilegesFromName(PrivilegeConstants.JCR_READ));
+
allow(getUserManager(superuser).getAuthorizable(testSession.getUserID()).getPath(),
privilegesFromName(PrivilegeConstants.JCR_ALL));
+
+ UserManager testUserMgr = getUserManager(testSession);
+ Iterator<Authorizable> result =
testUserMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, null,
UserManager.SEARCH_TYPE_USER);
+
+ Set<String> ids = new HashSet<String>();
+ while (result.hasNext()) {
+ ids.add(result.next().getID());
+ }
+ assertFalse(ids.isEmpty());
+
+ NodeIterator nodeIterator =
testSession.getWorkspace().getQueryManager().createQuery("/jcr:root//element(*,rep:User)",
Query.XPATH).execute().getNodes();
+ assertTrue(nodeIterator.hasNext());
+ while (nodeIterator.hasNext()) {
+ String userId =
nodeIterator.nextNode().getProperty(UserConstants.REP_AUTHORIZABLE_ID).getString();
+ if (!ids.remove(userId)) {
+ fail("UserId " + userId + " missing in result set.");
+ }
+ }
+ assertTrue("Result mismatch", ids.isEmpty());
+ }
}
\ No newline at end of file
