Author: angela
Date: Thu Oct 3 16:45:30 2013
New Revision: 1528927
URL: http://svn.apache.org/r1528927
Log:
OAK-527: fix bug in PrivilegeBits#calculatePermissions (thanks tobi for
spotting this!)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java?rev=1528927&r1=1528926&r2=1528927&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
Thu Oct 3 16:45:30 2013
@@ -230,12 +230,13 @@ public final class PrivilegeBits impleme
if ((privs & MODIFY_PROPERTIES) == MODIFY_PROPERTIES) {
perm |= Permissions.SET_PROPERTY;
} else {
- // todo: what about add+alter (but not remove?)
if ((privs & ADD_PROPERTIES) == ADD_PROPERTIES) {
perm |= Permissions.ADD_PROPERTY;
- } else if ((privs & ALTER_PROPERTIES) == ALTER_PROPERTIES) {
+ }
+ if ((privs & ALTER_PROPERTIES) == ALTER_PROPERTIES) {
perm |= Permissions.MODIFY_PROPERTY;
- } else if ((privs & REMOVE_PROPERTIES) == REMOVE_PROPERTIES) {
+ }
+ if ((privs & REMOVE_PROPERTIES) == REMOVE_PROPERTIES) {
perm |= Permissions.REMOVE_PROPERTY;
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java?rev=1528927&r1=1528926&r2=1528927&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBitsTest.java
Thu Oct 3 16:45:30 2013
@@ -574,11 +574,32 @@ public class PrivilegeBitsTest extends A
simple.put(provider.getBits(REP_READ_NODES), Permissions.READ_NODE);
simple.put(provider.getBits(REP_READ_PROPERTIES),
Permissions.READ_PROPERTY);
simple.put(provider.getBits(REP_USER_MANAGEMENT),
Permissions.USER_MANAGEMENT);
+ simple.put(provider.getBits(JCR_MODIFY_PROPERTIES),
Permissions.SET_PROPERTY);
+ simple.put(provider.getBits(REP_ADD_PROPERTIES),
Permissions.ADD_PROPERTY);
+ simple.put(provider.getBits(REP_ALTER_PROPERTIES),
Permissions.MODIFY_PROPERTY);
+ simple.put(provider.getBits(REP_REMOVE_PROPERTIES),
Permissions.REMOVE_PROPERTY);
for (PrivilegeBits pb : simple.keySet()) {
long expected = simple.get(pb).longValue();
assertTrue(expected == PrivilegeBits.calculatePermissions(pb,
PrivilegeBits.EMPTY, true));
+ assertTrue(expected == PrivilegeBits.calculatePermissions(pb, pb,
true));
}
+ // jcr:modifyProperty aggregate
+ PrivilegeBits add_change = provider.getBits(REP_ADD_PROPERTIES,
REP_ALTER_PROPERTIES);
+ long permissions = (Permissions.ADD_PROPERTY |
Permissions.MODIFY_PROPERTY);
+ assertTrue(permissions ==
PrivilegeBits.calculatePermissions(add_change, PrivilegeBits.EMPTY, true));
+ assertTrue(permissions ==
PrivilegeBits.calculatePermissions(add_change, add_change, true));
+
+ PrivilegeBits add_rm = provider.getBits(REP_ADD_PROPERTIES,
REP_REMOVE_PROPERTIES);
+ permissions = (Permissions.ADD_PROPERTY | Permissions.REMOVE_PROPERTY);
+ assertTrue(permissions == PrivilegeBits.calculatePermissions(add_rm,
PrivilegeBits.EMPTY, true));
+ assertTrue(permissions == PrivilegeBits.calculatePermissions(add_rm,
add_rm, true));
+
+ PrivilegeBits ch_rm = provider.getBits(REP_ALTER_PROPERTIES,
REP_REMOVE_PROPERTIES);
+ permissions = (Permissions.MODIFY_PROPERTY |
Permissions.REMOVE_PROPERTY);
+ assertTrue(permissions == PrivilegeBits.calculatePermissions(ch_rm,
PrivilegeBits.EMPTY, true));
+ assertTrue(permissions == PrivilegeBits.calculatePermissions(ch_rm,
add_rm, true));
+
// jcr:add aggregate
PrivilegeBits all = provider.getBits(JCR_ALL);
assertFalse(Permissions.ALL == PrivilegeBits.calculatePermissions(all,
PrivilegeBits.EMPTY, true));
