svn commit: r1694986 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/

dj Mon, 10 Aug 2015 01:33:07 -0700

Author: dj
Date: Mon Aug 10 08:32:50 2015
New Revision: 1694986

URL: http://svn.apache.org/r1694986
Log:
OAK-2231 - Searching authorizables with ' and ] in authorizable id and/or 
principal name
- escaping jcr:link/fn:name condition for query
- adding search by special chars tests


Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/XPathConditionVisitor.java
    
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java
    
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/XPathConditionVisitor.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/XPathConditionVisitor.java?rev=1694986&r1=1694985&r2=1694986&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/XPathConditionVisitor.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/XPathConditionVisitor.java
 Mon Aug 10 08:32:50 2015
@@ -59,7 +59,7 @@ class XPathConditionVisitor implements C
                 .append("')")
                 .append(" or ")
                 .append("jcr:like(fn:name(),'")
-                .append(QueryUtil.escapeNodeName(condition.getPattern()))
+                
.append(QueryUtil.escapeForQuery(QueryUtil.escapeNodeName(condition.getPattern())))
                 .append("')")
                 .append(')');
     }

Modified: 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java?rev=1694986&r1=1694985&r2=1694986&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/FindAuthorizablesTest.java
 Mon Aug 10 08:32:50 2015
@@ -19,10 +19,12 @@ package org.apache.jackrabbit.oak.jcr.se
 import java.security.Principal;
 import java.util.HashSet;
 import java.util.Iterator;
+import java.util.List;
 import java.util.Set;
 import javax.jcr.RepositoryException;
 import javax.jcr.Value;
 
+import com.google.common.collect.Lists;
 import org.apache.jackrabbit.api.JackrabbitSession;
 import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
 import org.apache.jackrabbit.api.security.principal.PrincipalManager;
@@ -32,6 +34,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.test.NotExecutableException;
+import org.apache.jackrabbit.util.Text;
 import org.junit.Test;
 
 /**
@@ -377,4 +380,29 @@ public class FindAuthorizablesTest exten
             assertTrue(it.next().isGroup());
         }
     }
+
+    @Test
+    public void testFindUserWithSpecialCharIdByPrincipalName() throws 
RepositoryException {
+        List<String> ids = Lists.newArrayList("'", "]", "']", 
Text.escapeIllegalJcrChars("']"), Text.escape("']"));
+        for (String id : ids) {
+            User user = null;
+            try {
+                user = userMgr.createUser(id, "pw");
+                superuser.save();
+
+                boolean found = false;
+                Iterator<Authorizable> it = 
userMgr.findAuthorizables(UserConstants.REP_PRINCIPAL_NAME, id, 
UserManager.SEARCH_TYPE_USER);
+                while (it.hasNext() && !found) {
+                    Authorizable a = it.next();
+                    found = id.equals(a.getID());
+                }
+                assertTrue(found);
+            } finally {
+                if (user != null) {
+                    user.remove();
+                    superuser.save();
+                }
+            }
+        }
+    }
 }
\ No newline at end of file

Modified: 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java?rev=1694986&r1=1694985&r2=1694986&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserQueryTest.java
 Mon Aug 10 08:32:50 2015
@@ -30,12 +30,14 @@ import javax.jcr.Value;
 import com.google.common.base.Predicate;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.Iterators;
+import com.google.common.collect.Lists;
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.Query;
 import org.apache.jackrabbit.api.security.user.QueryBuilder;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.commons.jackrabbit.user.AuthorizableQueryManager;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
@@ -975,6 +977,35 @@ public class UserQueryTest extends Abstr
         assertFalse(result.hasNext());
     }
 
+    @Test
+    public void testQueryUserWithSpecialCharId() throws Exception {
+        List<String> ids = Lists.newArrayList("'", "]");
+        for (String id : ids) {
+            User user = null;
+            try {
+                user = userMgr.createUser(id, "pw");
+                superuser.save();
+
+                boolean found = false;
+                String query = "{\"condition\":[{\"named\":\"" + id + "\"}]}";
+                AuthorizableQueryManager queryManager = new 
AuthorizableQueryManager(userMgr, superuser.getValueFactory());
+                Iterator<Authorizable> it = queryManager.execute(query);
+                while (it.hasNext() && !found) {
+                    Authorizable a = it.next();
+                    found = id.equals(a.getID());
+                }
+                assertTrue(found);
+            } finally {
+                if (user != null) {
+                    user.remove();
+                    superuser.save();
+                }
+            }
+        }
+    }
+
+
+
     //------------------------------------------------------------< private 
>---
 
     private static void addMembers(Group group, Authorizable... authorizables) 
throws RepositoryException {

svn commit: r1694986 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/

Reply via email to