Author: angela
Date: Fri Mar 3 10:28:08 2017
New Revision: 1785258
URL: http://svn.apache.org/viewvc?rev=1785258&view=rev
Log:
OAK-5793 : Improve coverage for spi.security code in oak-core (wip)
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionBestEffortTest.java
- copied, changed from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionTest.java
- copied, changed from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/PasswordValidationActionTest.java
- copied, changed from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractGroupActionTest.java
- copied, changed from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java
Removed:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionBestEffortTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/CompositeActionProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordChangeActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/whiteboard/WhiteboardUserAuthenticationFactoryTest.java
Copied:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionBestEffortTest.java
(from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionBestEffortTest.java)
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionBestEffortTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionBestEffortTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionBestEffortTest.java&r1=1785182&r2=1785258&rev=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionBestEffortTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionBestEffortTest.java
Fri Mar 3 10:28:08 2017
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.oak.spi.security.user.action;
+package org.apache.jackrabbit.oak.security.user.action;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
Copied:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionTest.java
(from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java)
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java&r1=1785182&r2=1785258&rev=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/GroupActionTest.java
Fri Mar 3 10:28:08 2017
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.oak.spi.security.user.action;
+package org.apache.jackrabbit.oak.security.user.action;
import java.util.List;
import java.util.Set;
@@ -34,6 +34,9 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.security.user.action.AbstractGroupAction;
+import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction;
+import
org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider;
import org.apache.jackrabbit.oak.spi.xml.ImportBehavior;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import org.junit.After;
Copied:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/PasswordValidationActionTest.java
(from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java)
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/PasswordValidationActionTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/PasswordValidationActionTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java&r1=1785182&r2=1785258&rev=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/action/PasswordValidationActionTest.java
Fri Mar 3 10:28:08 2017
@@ -14,9 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.oak.spi.security.user.action;
+package org.apache.jackrabbit.oak.security.user.action;
-import java.util.ArrayList;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
@@ -33,6 +32,10 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import
org.apache.jackrabbit.oak.spi.security.user.action.AbstractAuthorizableAction;
+import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction;
+import
org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider;
+import
org.apache.jackrabbit.oak.spi.security.user.action.PasswordValidationAction;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
import org.junit.After;
import org.junit.Before;
@@ -56,14 +59,10 @@ public class PasswordValidationActionTes
};
private User user;
- private User testUser;
@Before
public void before() throws Exception {
super.before();
-
- user = (User)
getUserManager(root).getAuthorizable(adminSession.getAuthInfo().getUserID());
-
testAction.reset();
pwAction.init(getSecurityProvider(), ConfigurationParameters.of(
PasswordValidationAction.CONSTRAINT,
"^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*"));
@@ -72,8 +71,8 @@ public class PasswordValidationActionTes
@After
public void after() throws Exception {
- if (testUser != null) {
- testUser.remove();
+ if (user != null) {
+ user.remove();
root.commit();
}
root = null;
@@ -90,67 +89,37 @@ public class PasswordValidationActionTes
@Test
public void testActionIsCalled() throws Exception {
- testUser = getUserManager(root).createUser("testUser",
"testUser12345");
+ user = getUserManager(root).createUser("testUser", "testUser12345");
root.commit();
assertEquals(1, testAction.onCreateCalled);
- testUser.changePassword("pW12345678");
+ user.changePassword("pW12345678");
assertEquals(1, testAction.onPasswordChangeCalled);
- testUser.changePassword("pW1234567890", "pW12345678");
+ user.changePassword("pW1234567890", "pW12345678");
assertEquals(2, testAction.onPasswordChangeCalled);
}
@Test
- public void testPasswordValidationAction() throws Exception {
- List<String> invalid = new ArrayList<String>();
- invalid.add("pw1");
- invalid.add("only6C");
- invalid.add("12345678");
- invalid.add("WITHOUTLOWERCASE");
- invalid.add("withoutuppercase");
-
- for (String pw : invalid) {
- try {
- pwAction.onPasswordChange(user, pw, root,
NamePathMapper.DEFAULT);
- fail("should throw constraint violation");
- } catch (ConstraintViolationException e) {
- // success
- }
- }
-
- List<String> valid = new ArrayList<String>();
- valid.add("abCDefGH");
- valid.add("Abbbbbbbbbbbb");
- valid.add("cDDDDDDDDDDDDDDDDD");
- valid.add("gH%%%%%%%%%%%%%%%%^^");
- valid.add("&)(*&^%23qW");
-
- for (String pw : valid) {
- pwAction.onPasswordChange(user, pw, root, NamePathMapper.DEFAULT);
- }
- }
-
- @Test
public void testPasswordValidationActionOnCreate() throws Exception {
String hashed = PasswordUtil.buildPasswordHash("DWkej32H");
- testUser = getUserManager(root).createUser("testuser", hashed);
+ user = getUserManager(root).createUser("testuser", hashed);
root.commit();
- String pwValue =
root.getTree(testUser.getPath()).getProperty(UserConstants.REP_PASSWORD).getValue(Type.STRING);
+ String pwValue =
root.getTree(user.getPath()).getProperty(UserConstants.REP_PASSWORD).getValue(Type.STRING);
assertFalse(PasswordUtil.isPlainTextPassword(pwValue));
assertTrue(PasswordUtil.isSame(pwValue, hashed));
}
@Test
public void testPasswordValidationActionOnChange() throws Exception {
- testUser = getUserManager(root).createUser("testuser", "testPw123456");
+ user = getUserManager(root).createUser("testuser", "testPw123456");
root.commit();
try {
pwAction.init(getSecurityProvider(),
ConfigurationParameters.of(PasswordValidationAction.CONSTRAINT, "abc"));
String hashed = PasswordUtil.buildPasswordHash("abc");
- testUser.changePassword(hashed);
+ user.changePassword(hashed);
fail("Password change must always enforce password validation.");
Copied:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractGroupActionTest.java
(from r1785182,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java)
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractGroupActionTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractGroupActionTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java&r1=1785182&r2=1785258&rev=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/GroupActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractGroupActionTest.java
Fri Mar 3 10:28:08 2017
@@ -16,209 +16,46 @@
*/
package org.apache.jackrabbit.oak.spi.security.user.action;
-import java.util.List;
-import java.util.Set;
-import javax.annotation.Nonnull;
-import javax.jcr.RepositoryException;
-
-import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Iterables;
-import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
-import org.apache.jackrabbit.oak.spi.xml.ImportBehavior;
-import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
-import org.junit.After;
-import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-public class GroupActionTest extends AbstractSecurityTest {
-
- private static final String TEST_GROUP_ID = "testGroup";
- private static final String TEST_USER_PREFIX = "testUser";
-
- final TestGroupAction groupAction = new TestGroupAction();
- private final AuthorizableActionProvider actionProvider = new
AuthorizableActionProvider() {
- @Nonnull
- @Override
- public List<? extends AuthorizableAction>
getAuthorizableActions(@Nonnull SecurityProvider securityProvider) {
- return ImmutableList.of(groupAction);
- }
- };
-
- private User testUser01;
- private User testUser02;
-
- Group testGroup;
-
- @Before
- public void before() throws Exception {
- super.before();
-
- testGroup = getUserManager(root).createGroup(TEST_GROUP_ID);
- root.commit();
- }
-
- @After
- public void after() throws Exception {
- if (testGroup != null) {
- testGroup.remove();
- root.commit();
- }
-
- if (testUser01 != null) {
- testUser01.remove();
- root.commit();
- }
-
- if (testUser02 != null) {
- testUser02.remove();
- root.commit();
- }
+public class AbstractGroupActionTest {
- root = null;
- super.after();
- }
+ private final GroupAction groupAction = new AbstractGroupAction() {};
- @Override
- protected ConfigurationParameters getSecurityConfigParameters() {
- ConfigurationParameters userParams = ConfigurationParameters.of(
- UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER,
actionProvider,
- ProtectedItemImporter.PARAM_IMPORT_BEHAVIOR,
getImportBehavior()
- );
- return ConfigurationParameters.of(UserConfiguration.NAME, userParams);
- }
+ private final User user = Mockito.mock(User.class);
+ private final Group group = Mockito.mock(Group.class);
- String getImportBehavior() {
- return ImportBehavior.NAME_IGNORE;
- }
+ private final Root root = Mockito.mock(Root.class);
+ private final NamePathMapper namePathMapper =
Mockito.mock(NamePathMapper.class);
@Test
public void testMemberAdded() throws Exception {
- testUser01 = getUserManager(root).createUser(TEST_USER_PREFIX + "01",
"");
-
- testGroup.addMember(testUser01);
- assertTrue(groupAction.onMemberAddedCalled);
- assertEquals(testGroup, groupAction.group);
- assertEquals(testUser01, groupAction.member);
+ groupAction.onMemberAdded(group, user, root, namePathMapper);
}
@Test
public void testMemberRemoved() throws Exception {
- testUser01 = getUserManager(root).createUser(TEST_USER_PREFIX + "01",
"");
- testGroup.addMember(testUser01);
- root.commit();
-
- testGroup.removeMember(testUser01);
- assertTrue(groupAction.onMemberRemovedCalled);
- assertEquals(testGroup, groupAction.group);
- assertEquals(testUser01, groupAction.member);
+ groupAction.onMemberRemoved(group, user, root, namePathMapper);
}
@Test
public void testMembersAdded() throws Exception {
- testUser01 = getUserManager(root).createUser(TEST_USER_PREFIX + "01",
"");
- testUser02 = getUserManager(root).createUser(TEST_USER_PREFIX + "02",
"");
- testGroup.addMember(testUser02);
-
- Set<String> memberIds = ImmutableSet.of(testUser01.getID());
- Set<String> failedIds = ImmutableSet.of(testUser02.getID(),
testGroup.getID());
- Iterable<String> ids = Iterables.concat(memberIds, failedIds);
-
- testGroup.addMembers(Iterables.toArray(ids, String.class));
- assertTrue(groupAction.onMembersAddedCalled);
- assertEquals(testGroup, groupAction.group);
- assertEquals(memberIds, groupAction.memberIds);
- assertEquals(failedIds, groupAction.failedIds);
+ groupAction.onMembersAdded(group, ImmutableSet.of("user1", "user2"),
ImmutableSet.<String>of(), root, namePathMapper);
}
@Test
- public void testMembersAddedNonExisting() throws Exception {
- Set<String> nonExisting = ImmutableSet.of("blinder", "passagier");
-
- testGroup.addMembers(nonExisting.toArray(new
String[nonExisting.size()]));
- assertFalse(groupAction.memberIds.iterator().hasNext());
- assertTrue(Iterables.elementsEqual(nonExisting,
groupAction.failedIds));
+ public void testMembersAddedContentId() throws Exception {
+ groupAction.onMembersAddedContentId(group, ImmutableSet.of("user1",
"user2"), ImmutableSet.<String>of(), root, namePathMapper);
}
@Test
public void testMembersRemoved() throws Exception {
- testUser01 = getUserManager(root).createUser(TEST_USER_PREFIX + "01",
"");
- testUser02 = getUserManager(root).createUser(TEST_USER_PREFIX + "02",
"");
- testGroup.addMember(testUser01);
-
- Set<String> memberIds = ImmutableSet.of(testUser01.getID());
- Set<String> failedIds = ImmutableSet.of(testUser02.getID(),
testGroup.getID());
- Iterable<String> ids = Iterables.concat(memberIds, failedIds);
-
- testGroup.removeMembers(Iterables.toArray(ids, String.class));
- assertTrue(groupAction.onMembersRemovedCalled);
- assertEquals(testGroup, groupAction.group);
- assertEquals(memberIds, groupAction.memberIds);
- assertEquals(failedIds, groupAction.failedIds);
- }
-
- @Test
- public void testMembersRemovedNonExisting() throws Exception {
- Set<String> nonExisting = ImmutableSet.of("blinder", "passagier");
-
- testGroup.removeMembers(nonExisting.toArray(new
String[nonExisting.size()]));
- assertFalse(groupAction.memberIds.iterator().hasNext());
- assertTrue(Iterables.elementsEqual(nonExisting,
groupAction.failedIds));
- }
-
- class TestGroupAction extends AbstractGroupAction {
-
- boolean onMemberAddedCalled = false;
- boolean onMembersAddedCalled = false;
- boolean onMemberRemovedCalled = false;
- boolean onMembersRemovedCalled = false;
-
- Group group;
- Set<String> memberIds;
- Set<String> failedIds;
- Authorizable member;
-
- @Override
- public void onMemberAdded(@Nonnull Group group, @Nonnull Authorizable
member, @Nonnull Root root, @Nonnull NamePathMapper namePathMapper) throws
RepositoryException {
- this.group = group;
- this.member = member;
- onMemberAddedCalled = true;
- }
-
- @Override
- public void onMembersAdded(@Nonnull Group group, @Nonnull
Iterable<String> memberIds, @Nonnull Iterable<String> failedIds, @Nonnull Root
root, @Nonnull NamePathMapper namePathMapper) throws RepositoryException {
- this.group = group;
- this.memberIds = ImmutableSet.copyOf(memberIds);
- this.failedIds = ImmutableSet.copyOf(failedIds);
- onMembersAddedCalled = true;
- }
-
- @Override
- public void onMemberRemoved(@Nonnull Group group, @Nonnull
Authorizable member, @Nonnull Root root, @Nonnull NamePathMapper
namePathMapper) throws RepositoryException {
- this.group = group;
- this.member = member;
- onMemberRemovedCalled = true;
- }
-
- @Override
- public void onMembersRemoved(@Nonnull Group group, @Nonnull
Iterable<String> memberIds, @Nonnull Iterable<String> failedIds, @Nonnull Root
root, @Nonnull NamePathMapper namePathMapper) throws RepositoryException {
- this.group = group;
- this.memberIds = ImmutableSet.copyOf(memberIds);
- this.failedIds = ImmutableSet.copyOf(failedIds);
- onMembersRemovedCalled = true;
- }
+ groupAction.onMembersRemoved(group, ImmutableSet.of("user1", "user2"),
ImmutableSet.<String>of(), root, namePathMapper);
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/CompositeActionProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/CompositeActionProviderTest.java?rev=1785258&r1=1785257&r2=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/CompositeActionProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/CompositeActionProviderTest.java
Fri Mar 3 10:28:08 2017
@@ -20,25 +20,27 @@ import java.util.List;
import javax.annotation.Nonnull;
import com.google.common.collect.ImmutableList;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
-public class CompositeActionProviderTest extends AbstractSecurityTest {
+public class CompositeActionProviderTest {
+
+ private final SecurityProvider securityProvider =
Mockito.mock(SecurityProvider.class);
@Test
public void testEmpty() {
CompositeActionProvider cap = new CompositeActionProvider();
-
assertTrue(cap.getAuthorizableActions(getSecurityProvider()).isEmpty());
+ assertTrue(cap.getAuthorizableActions(securityProvider).isEmpty());
}
@Test
public void testSingle() {
AuthorizableActionProvider aap = new TestAuthorizableActionProvider();
- assertEquals(aap.getAuthorizableActions(getSecurityProvider()), new
CompositeActionProvider(aap).getAuthorizableActions(getSecurityProvider()));
+ assertEquals(aap.getAuthorizableActions(securityProvider), new
CompositeActionProvider(aap).getAuthorizableActions(securityProvider));
}
@Test
@@ -46,7 +48,7 @@ public class CompositeActionProviderTest
AuthorizableActionProvider aap = new TestAuthorizableActionProvider();
AuthorizableActionProvider aap2 = new TestAuthorizableActionProvider();
- assertEquals(ImmutableList.of(TestAction.INSTANCE,
TestAction.INSTANCE), new CompositeActionProvider(aap,
aap2).getAuthorizableActions(getSecurityProvider()));
+ assertEquals(ImmutableList.of(TestAction.INSTANCE,
TestAction.INSTANCE), new CompositeActionProvider(aap,
aap2).getAuthorizableActions(securityProvider));
}
@Test
@@ -54,7 +56,7 @@ public class CompositeActionProviderTest
AuthorizableActionProvider aap = new TestAuthorizableActionProvider();
AuthorizableActionProvider aap2 = new TestAuthorizableActionProvider();
- assertEquals(ImmutableList.of(TestAction.INSTANCE,
TestAction.INSTANCE), new CompositeActionProvider(ImmutableList.of(aap,
aap2)).getAuthorizableActions(getSecurityProvider()));
+ assertEquals(ImmutableList.of(TestAction.INSTANCE,
TestAction.INSTANCE), new CompositeActionProvider(ImmutableList.of(aap,
aap2)).getAuthorizableActions(securityProvider));
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProviderTest.java?rev=1785258&r1=1785257&r2=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProviderTest.java
Fri Mar 3 10:28:08 2017
@@ -20,7 +20,6 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import
org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordChangeActionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordChangeActionTest.java?rev=1785258&r1=1785257&r2=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordChangeActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordChangeActionTest.java
Fri Mar 3 10:28:08 2017
@@ -16,49 +16,73 @@
*/
package org.apache.jackrabbit.oak.spi.security.user.action;
-import java.util.UUID;
+import javax.annotation.Nullable;
import javax.jcr.nodetype.ConstraintViolationException;
import org.apache.jackrabbit.api.security.user.User;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
-public class PasswordChangeActionTest extends AbstractSecurityTest {
+import static org.mockito.Mockito.when;
+
+public class PasswordChangeActionTest {
+
+ private static final String USER_PATH = "/userpath";
+
+ private final NamePathMapper namePathMapper =
Mockito.mock(NamePathMapper.class);
private PasswordChangeAction pwChangeAction;
+ private User user;
+
@Before
public void before() throws Exception {
- super.before();
pwChangeAction = new PasswordChangeAction();
- pwChangeAction.init(getSecurityProvider(),
ConfigurationParameters.EMPTY);
+ pwChangeAction.init(Mockito.mock(SecurityProvider.class),
ConfigurationParameters.EMPTY);
+
+ user = Mockito.mock(User.class);
+ when(user.getPath()).thenReturn(USER_PATH);
+ }
+
+ private static Root createRoot(@Nullable String pw) throws Exception {
+ Tree userTree = Mockito.mock(Tree.class);
+ if (pw != null) {
+ String pwHash = PasswordUtil.buildPasswordHash(pw);
+
when(userTree.getProperty(UserConstants.REP_PASSWORD)).thenReturn(PropertyStates.createProperty(UserConstants.REP_PASSWORD,
pwHash));
+ }
+ Root root = Mockito.mock(Root.class);
+ when(root.getTree(USER_PATH)).thenReturn(userTree);
+ return root;
}
@Test(expected = ConstraintViolationException.class)
public void testNullPassword() throws Exception {
- pwChangeAction.onPasswordChange(getTestUser(), null, root,
getNamePathMapper());
+ pwChangeAction.onPasswordChange(user, null, createRoot(null),
namePathMapper);
}
@Test(expected = ConstraintViolationException.class)
public void testSamePassword() throws Exception {
- User user = getTestUser();
- String pw = user.getID();
- pwChangeAction.onPasswordChange(user, pw, root, getNamePathMapper());
+ pwChangeAction.onPasswordChange(user, "pw", createRoot("pw"),
namePathMapper);
}
@Test
public void testPasswordChange() throws Exception {
- pwChangeAction.onPasswordChange(getTestUser(), "changedPassword",
root, getNamePathMapper());
+ pwChangeAction.onPasswordChange(user, "changedPassword",
createRoot("pw"), namePathMapper);
}
@Test
public void testUserWithoutPassword() throws Exception {
- String uid = "testUser" + UUID.randomUUID();
- User user = getUserManager(root).createUser(uid, null);
try {
- pwChangeAction.onPasswordChange(user, "changedPassword", root,
getNamePathMapper());
+ pwChangeAction.onPasswordChange(user, "changedPassword",
createRoot(null), namePathMapper);
} finally {
user.remove();
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1785258&r1=1785257&r2=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Fri Mar 3 10:28:08 2017
@@ -18,91 +18,59 @@ package org.apache.jackrabbit.oak.spi.se
import java.util.ArrayList;
import java.util.List;
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
-import javax.jcr.RepositoryException;
import javax.jcr.nodetype.ConstraintViolationException;
-import com.google.common.collect.ImmutableList;
import org.apache.jackrabbit.api.security.user.User;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
-import org.junit.After;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-public class PasswordValidationActionTest extends AbstractSecurityTest {
+public class PasswordValidationActionTest {
+ private final SecurityProvider securityProvider =
Mockito.mock(SecurityProvider.class);
+ private final Root root = Mockito.mock(Root.class);
+ private final NamePathMapper namePathMapper =
Mockito.mock(NamePathMapper.class);
private final PasswordValidationAction pwAction = new
PasswordValidationAction();
- private final TestAction testAction = new TestAction();
- private final AuthorizableActionProvider actionProvider = new
AuthorizableActionProvider() {
- @Nonnull
- @Override
- public List<? extends AuthorizableAction>
getAuthorizableActions(@Nonnull SecurityProvider securityProvider) {
- return ImmutableList.of(pwAction, testAction);
- }
- };
private User user;
- private User testUser;
@Before
public void before() throws Exception {
- super.before();
-
- user = (User)
getUserManager(root).getAuthorizable(adminSession.getAuthInfo().getUserID());
-
- testAction.reset();
- pwAction.init(getSecurityProvider(), ConfigurationParameters.of(
+ user = Mockito.mock(User.class);
+ pwAction.init(securityProvider, ConfigurationParameters.of(
PasswordValidationAction.CONSTRAINT,
"^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*"));
}
- @After
- public void after() throws Exception {
- if (testUser != null) {
- testUser.remove();
- root.commit();
- }
- root = null;
- super.after();
+ @Test
+ public void testOnCreateNullPw() throws Exception {
+ pwAction.onCreate(user, null, root, namePathMapper);
}
- @Override
- protected ConfigurationParameters getSecurityConfigParameters() {
- ConfigurationParameters userParams = ConfigurationParameters.of(
- UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER,
actionProvider
- );
- return ConfigurationParameters.of(UserConfiguration.NAME, userParams);
+ @Test(expected = ConstraintViolationException.class)
+ public void testOnCreateInvalidPw() throws Exception {
+ pwAction.onCreate(user, "pw", root, namePathMapper);
}
- @Test
- public void testActionIsCalled() throws Exception {
- testUser = getUserManager(root).createUser("testUser",
"testUser12345");
- root.commit();
- assertEquals(1, testAction.onCreateCalled);
-
- testUser.changePassword("pW12345678");
- assertEquals(1, testAction.onPasswordChangeCalled);
+ @Test(expected = ConstraintViolationException.class)
+ public void testOnCreateEmptyPw() throws Exception {
+ pwAction.onCreate(user, "", root, namePathMapper);
+ }
- testUser.changePassword("pW1234567890", "pW12345678");
- assertEquals(2, testAction.onPasswordChangeCalled);
+ @Test
+ public void testOnCreateValidPw() throws Exception {
+ pwAction.onCreate(user, "abCDefGH", root, namePathMapper);
}
@Test
- public void testPasswordValidationAction() throws Exception {
+ public void testPasswordValidationActionInvalid() throws Exception {
List<String> invalid = new ArrayList<String>();
invalid.add("pw1");
invalid.add("only6C");
@@ -112,14 +80,17 @@ public class PasswordValidationActionTes
for (String pw : invalid) {
try {
- pwAction.onPasswordChange(user, pw, root,
NamePathMapper.DEFAULT);
+ pwAction.onPasswordChange(user, pw, root, namePathMapper);
fail("should throw constraint violation");
} catch (ConstraintViolationException e) {
// success
}
}
+ }
- List<String> valid = new ArrayList<String>();
+ @Test
+ public void testPasswordValidationActionValid() throws Exception {
+ List<String> valid = new ArrayList();
valid.add("abCDefGH");
valid.add("Abbbbbbbbbbbb");
valid.add("cDDDDDDDDDDDDDDDDD");
@@ -127,57 +98,15 @@ public class PasswordValidationActionTes
valid.add("&)(*&^%23qW");
for (String pw : valid) {
- pwAction.onPasswordChange(user, pw, root, NamePathMapper.DEFAULT);
+ pwAction.onPasswordChange(user, pw, root, namePathMapper);
}
}
- @Test
- public void testPasswordValidationActionOnCreate() throws Exception {
- String hashed = PasswordUtil.buildPasswordHash("DWkej32H");
- testUser = getUserManager(root).createUser("testuser", hashed);
- root.commit();
-
- String pwValue =
root.getTree(testUser.getPath()).getProperty(UserConstants.REP_PASSWORD).getValue(Type.STRING);
- assertFalse(PasswordUtil.isPlainTextPassword(pwValue));
- assertTrue(PasswordUtil.isSame(pwValue, hashed));
- }
-
- @Test
+ @Test(expected = ConstraintViolationException.class)
public void testPasswordValidationActionOnChange() throws Exception {
- testUser = getUserManager(root).createUser("testuser", "testPw123456");
- root.commit();
- try {
- pwAction.init(getSecurityProvider(),
ConfigurationParameters.of(PasswordValidationAction.CONSTRAINT, "abc"));
-
- String hashed = PasswordUtil.buildPasswordHash("abc");
- testUser.changePassword(hashed);
-
- fail("Password change must always enforce password validation.");
-
- } catch (ConstraintViolationException e) {
- // success
- }
- }
-
-
//--------------------------------------------------------------------------
- private class TestAction extends AbstractAuthorizableAction {
+ pwAction.init(securityProvider,
ConfigurationParameters.of(PasswordValidationAction.CONSTRAINT, "abc"));
- private int onCreateCalled = 0;
- private int onPasswordChangeCalled = 0;
-
- void reset() {
- onCreateCalled = 0;
- onPasswordChangeCalled = 0;
- }
-
- @Override
- public void onCreate(@Nonnull User user, @Nullable String password,
@Nonnull Root root, @Nonnull NamePathMapper namePathMapper) throws
RepositoryException {
- onCreateCalled++;
- }
-
- @Override
- public void onPasswordChange(@Nonnull User user, @Nullable String
newPassword, @Nonnull Root root, @Nonnull NamePathMapper namePathMapper) throws
RepositoryException {
- onPasswordChangeCalled++;
- }
+ String hashed = PasswordUtil.buildPasswordHash("abc");
+ pwAction.onPasswordChange(user, hashed, Mockito.mock(Root.class),
Mockito.mock(NamePathMapper.class));
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/whiteboard/WhiteboardUserAuthenticationFactoryTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/whiteboard/WhiteboardUserAuthenticationFactoryTest.java?rev=1785258&r1=1785257&r2=1785258&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/whiteboard/WhiteboardUserAuthenticationFactoryTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/whiteboard/WhiteboardUserAuthenticationFactoryTest.java
Fri Mar 3 10:28:08 2017
@@ -22,17 +22,20 @@ import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.jcr.Credentials;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.spi.security.authentication.Authentication;
import org.apache.jackrabbit.oak.spi.security.user.UserAuthenticationFactory;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
-public class WhiteboardUserAuthenticationFactoryTest extends
AbstractSecurityTest {
+public class WhiteboardUserAuthenticationFactoryTest {
+
+ private final Root root = Mockito.mock(Root.class);
+ private final UserConfiguration userConfiguration =
Mockito.mock(UserConfiguration.class);
private WhiteboardUserAuthenticationFactory createFactory(@Nullable final
UserAuthenticationFactory defaultFactory,
@Nonnull final
String... userIds) {
@@ -48,6 +51,11 @@ public class WhiteboardUserAuthenticatio
};
}
+ @Nonnull
+ private UserConfiguration getUserConfiguration() {
+ return userConfiguration;
+ }
+
@Test
public void testSingleService() throws Exception {
WhiteboardUserAuthenticationFactory factory = createFactory(null,
"test");
