Author: angela
Date: Tue Nov 12 11:57:40 2013
New Revision: 1541015
URL: http://svn.apache.org/r1541015
Log:
OAK-949 : UserQuery does not properly work for the optional everyone group
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManager.java
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManager.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManager.java?rev=1541015&r1=1541014&r2=1541015&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManager.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManager.java
Tue Nov 12 11:57:40 2013
@@ -38,6 +38,7 @@ import org.apache.jackrabbit.oak.api.Roo
import org.apache.jackrabbit.oak.commons.PathUtils;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
import org.apache.jackrabbit.util.ISO9075;
import org.apache.jackrabbit.util.Text;
@@ -119,19 +120,34 @@ public class UserQueryManager {
.append(sortDir.getDirection());
}
- if (builder.getGroupID() == null) {
+ final String groupId = builder.getGroupID();
+ if (groupId == null || EveryonePrincipal.NAME.equals(groupId)) {
long offset = builder.getOffset();
if (bound != null && offset > 0) {
log.warn("Found bound {} and offset {} in limit. Discarding
offset.", bound, offset);
offset = 0;
}
- return findAuthorizables(statement.toString(),
builder.getMaxCount(), offset, null);
+ Iterator<Authorizable> result =
findAuthorizables(statement.toString(), builder.getMaxCount(), offset, null);
+ if (groupId == null) {
+ return result;
+ } else {
+ return Iterators.filter(result, new Predicate<Authorizable>() {
+ @Override
+ public boolean apply(@Nullable Authorizable authorizable) {
+ try {
+ return authorizable != null &&
!groupId.equals(authorizable.getID());
+ } catch (RepositoryException e) {
+ return false;
+ }
+ }
+ });
+ }
} else {
// filtering by group name included in query -> enforce offset
// and limit on the result set.
Iterator<Authorizable> result =
findAuthorizables(statement.toString(), Long.MAX_VALUE, 0, null);
Predicate groupFilter = new GroupPredicate(userManager,
- builder.getGroupID(),
+ groupId,
builder.isDeclaredMembersOnly());
return ResultIterator.create(builder.getOffset(),
builder.getMaxCount(),
Iterators.filter(result, groupFilter));
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java?rev=1541015&r1=1541014&r2=1541015&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
Tue Nov 12 11:57:40 2013
@@ -34,6 +34,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.Query;
import org.apache.jackrabbit.api.security.user.QueryBuilder;
import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.junit.Test;
/**
@@ -296,6 +297,33 @@ public class UserQueryTest extends Abstr
}
@Test
+ public void testFindInEveryoneGroup() throws RepositoryException {
+ Authorizable everyone =
userMgr.getAuthorizable(EveryonePrincipal.NAME);
+ boolean doRemove = false;
+ try {
+ if (everyone == null) {
+ everyone = userMgr.createGroup(EveryonePrincipal.NAME);
+ superuser.save();
+ doRemove = true;
+ }
+
+ Iterator<Authorizable> result = userMgr.findAuthorizables(new
Query() {
+ public <T> void build(QueryBuilder<T> builder) {
+ builder.setScope(EveryonePrincipal.NAME, true);
+ }
+ });
+
+ Iterator<Authorizable> members = ((Group)
everyone).getDeclaredMembers();
+ assertSameElements(result, members);
+ } finally {
+ if (doRemove) {
+ everyone.remove();
+ superuser.save();
+ }
+ }
+ }
+
+ @Test
public void testNameMatch() throws RepositoryException {
Iterator<Authorizable> result = userMgr.findAuthorizables(new Query() {
public <T> void build(QueryBuilder<T> builder) {
