svn commit: r1689869 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java

Wed, 08 Jul 2015 06:27:24 -0700 

Author: angela
Date: Wed Jul  8 13:27:06 2015
New Revision: 1689869

URL: http://svn.apache.org/r1689869
Log:
OAK-2956 : NPE in UserImporter when importing group with modified authorizable 
id

Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java
    
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java?rev=1689869&r1=1689868&r2=1689869&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java
 Wed Jul  8 13:27:06 2015
@@ -240,6 +240,12 @@ class UserImporter implements ProtectedP
                 }
                 String id = propInfo.getTextValue().getString();
                 Authorizable existing = userManager.getAuthorizable(id);
+                if (existing == null) {
+                    String msg = "Cannot handle protected PropInfo " + 
propInfo + ". Invalid rep:authorizableId.";
+                    log.warn(msg);
+                    throw new ConstraintViolationException(msg);
+                }
+
                 if (a.getPath().equals(existing.getPath())) {
                     parent.setProperty(REP_AUTHORIZABLE_ID, id);
                 } else {

Modified: 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java?rev=1689869&r1=1689868&r2=1689869&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
 Wed Jul  8 13:27:06 2015
@@ -419,6 +419,38 @@ public class UserImportTest extends Abst
         getImportSession().save();
     }
 
+    @Test
+    public void testImportUuidCollisionRemoveExistingWithInvalidUUID() throws 
Exception {
+        String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+                "<sv:node sv:name=\"r\" 
xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\"; 
xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\"; 
xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\"; 
xmlns:fn=\"http://www.w3.org/2005/xpath-functions\"; 
xmlns:xs=\"http://www.w3.org/2001/XMLSchema\"; 
xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\"; xmlns:rep=\"internal\" 
xmlns:jcr=\"http://www.jcp.org/jcr/1.0\";>" +
+                "   <sv:property sv:name=\"jcr:primaryType\" 
sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" +
+                "   <sv:property sv:name=\"jcr:uuid\" 
sv:type=\"String\"><sv:value>4b43b0ae-e356-34cd-95b9-10189b3dc231</sv:value></sv:property>"
 +
+                "   <sv:property sv:name=\"rep:password\" 
sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>"
 +
+                "   <sv:property sv:name=\"rep:authorizableId\" 
sv:type=\"String\"><sv:value>r</sv:value></sv:property>" +
+                "   <sv:property sv:name=\"rep:principalName\" 
sv:type=\"String\"><sv:value>t</sv:value></sv:property>" +
+                "</sv:node>";
+
+        doImport(getTargetPath(), xml);
+
+        xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+                "<sv:node sv:name=\"r\" 
xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\"; 
xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\"; 
xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\"; 
xmlns:fn=\"http://www.w3.org/2005/xpath-functions\"; 
xmlns:xs=\"http://www.w3.org/2001/XMLSchema\"; 
xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\"; xmlns:rep=\"internal\" 
xmlns:jcr=\"http://www.jcp.org/jcr/1.0\";>" +
+                "   <sv:property sv:name=\"jcr:primaryType\" 
sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" +
+                "   <sv:property sv:name=\"jcr:uuid\" 
sv:type=\"String\"><sv:value>4b43b0ae-e356-34cd-95b9-10189b3dc231</sv:value></sv:property>"
 +
+                "   <sv:property sv:name=\"rep:password\" 
sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>"
 +
+                "   <sv:property sv:name=\"rep:authorizableId\" 
sv:type=\"String\"><sv:value>ANOTHER_ID</sv:value></sv:property>" +
+                "   <sv:property sv:name=\"rep:principalName\" 
sv:type=\"String\"><sv:value>t</sv:value></sv:property>" +
+                "</sv:node>";
+
+        try {
+            doImport(getTargetPath(), xml, 
ImportUUIDBehavior.IMPORT_UUID_COLLISION_REMOVE_EXISTING);
+            fail("Xml with illegal authorizable id must fail.");
+        } catch (ConstraintViolationException e) {
+            // success
+        } finally {
+            getImportSession().refresh(false);
+        }
+    }
+
     /**
      * Same as {@link #testImportUuidCollisionRemoveExisting} with the single
      * difference that the initial import is saved before being overwritten.

Reply via email to