svn commit: r1785942 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java

Wed, 08 Mar 2017 02:04:44 -0800 

Author: angela
Date: Wed Mar  8 10:04:17 2017
New Revision: 1785942

URL: http://svn.apache.org/viewvc?rev=1785942&view=rev
Log:
OAK-5906 : PrivilegeContext.definesLocation returns true for siblings of 
privilege root path 
 OAK-5909 : PrivilegeContext.definesContextRoot should take primary type into 
account
OAK-5882 : Improve coverage for oak.security code in oak-core (wip)

Added:
    
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java?rev=1785942&r1=1785941&r2=1785942&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java
 Wed Mar  8 10:04:17 2017
@@ -24,6 +24,7 @@ import org.apache.jackrabbit.oak.plugins
 import org.apache.jackrabbit.oak.spi.security.Context;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
 import org.apache.jackrabbit.oak.util.TreeUtil;
+import org.apache.jackrabbit.util.Text;
 
 final class PrivilegeContext implements Context, PrivilegeConstants {
 
@@ -39,12 +40,12 @@ final class PrivilegeContext implements
     //------------------------------------------------------------< Context 
>---
     @Override
     public boolean definesProperty(@Nonnull Tree parent, @Nonnull 
PropertyState property) {
-        return definesTree(parent) && 
PRIVILEGE_PROPERTY_NAMES.contains(property.getName());
+        return PRIVILEGE_PROPERTY_NAMES.contains(property.getName()) && 
definesTree(parent);
     }
 
     @Override
     public boolean definesContextRoot(@Nonnull Tree tree) {
-        return REP_PRIVILEGES.equals(tree.getName());
+        return REP_PRIVILEGES.equals(tree.getName()) && 
NT_REP_PRIVILEGES.equals(TreeUtil.getPrimaryTypeName(tree));
     }
 
     @Override
@@ -54,7 +55,7 @@ final class PrivilegeContext implements
 
     @Override
     public boolean definesLocation(@Nonnull TreeLocation location) {
-        return location.getPath().startsWith(PRIVILEGES_PATH);
+        return Text.isDescendantOrEqual(PRIVILEGES_PATH, location.getPath());
     }
 
     @Override

Added: 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java?rev=1785942&view=auto
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
 (added)
+++ 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
 Wed Mar  8 10:04:17 2017
@@ -0,0 +1,160 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.privilege;
+
+import java.util.List;
+import javax.annotation.Nonnull;
+
+import com.google.common.collect.ImmutableList;
+import org.apache.jackrabbit.JcrConstants;
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.commons.PathUtils;
+import org.apache.jackrabbit.oak.plugins.memory.EmptyNodeState;
+import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
+import org.apache.jackrabbit.oak.plugins.nodetype.NodeTypeConstants;
+import org.apache.jackrabbit.oak.plugins.tree.TreeFactory;
+import org.apache.jackrabbit.oak.plugins.tree.TreeLocation;
+import org.apache.jackrabbit.oak.spi.security.Context;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.when;
+
+public class PrivilegeContextTest {
+
+    private final Context ctx = PrivilegeContext.getInstance();
+
+    private static Tree mockTree(@Nonnull String name, @Nonnull String ntName) 
{
+        Tree t = Mockito.mock(Tree.class);
+        when(t.getName()).thenReturn(name);
+        
when(t.getProperty(JcrConstants.JCR_PRIMARYTYPE)).thenReturn(PropertyStates.createProperty(JcrConstants.JCR_PRIMARYTYPE,
 ntName, Type.NAME));
+        return t;
+    }
+
+
+    @Test
+    public void testDefinesProperty() {
+        for (String propName : PrivilegeConstants.PRIVILEGE_PROPERTY_NAMES) {
+            PropertyState property = PropertyStates.createProperty(propName, 
"value");
+
+            for (String ntName : PrivilegeConstants.PRIVILEGE_NODETYPE_NAMES) {
+                assertTrue(ctx.definesProperty(mockTree("anyName", ntName), 
property));
+
+            }
+        }
+    }
+
+    @Test
+    public void testNameNotDefinesProperty() {
+        for (String propName : new String[] {"anyName", 
JcrConstants.JCR_PRIMARYTYPE}) {
+            PropertyState property = PropertyStates.createProperty(propName, 
"value");
+
+            for (String ntName : PrivilegeConstants.PRIVILEGE_NODETYPE_NAMES) {
+                assertFalse(ctx.definesProperty(mockTree("anyName", ntName), 
property));
+
+            }
+        }
+    }
+
+
+    @Test
+    public void testParentNotDefinesProperty() {
+        for (String propName : PrivilegeConstants.PRIVILEGE_PROPERTY_NAMES) {
+            PropertyState property = PropertyStates.createProperty(propName, 
"value");
+
+            for (String ntName : new String[] {JcrConstants.NT_BASE, 
JcrConstants.NT_UNSTRUCTURED}) {
+                assertFalse(ctx.definesProperty(mockTree("anyName", ntName), 
property));
+
+            }
+        }
+    }
+
+    @Test
+    public void testDefinesContextRoot() {
+        
assertTrue(ctx.definesContextRoot(mockTree(PrivilegeConstants.REP_PRIVILEGES, 
PrivilegeConstants.NT_REP_PRIVILEGES)));
+    }
+
+    @Test
+    public void testNotDefinesContextRoot() {
+        
assertFalse(ctx.definesContextRoot(mockTree(PrivilegeConstants.REP_PRIVILEGES, 
PrivilegeConstants.NT_REP_PRIVILEGE)));
+        
assertFalse(ctx.definesContextRoot(mockTree(PrivilegeConstants.REP_PRIVILEGES, 
JcrConstants.NT_UNSTRUCTURED)));
+        
assertFalse(ctx.definesContextRoot(mockTree(PrivilegeConstants.REP_PRIVILEGES, 
NodeTypeConstants.NT_REP_NAMED_CHILD_NODE_DEFINITIONS)));
+        assertFalse(ctx.definesContextRoot(mockTree("anyName", 
PrivilegeConstants.NT_REP_PRIVILEGES)));
+    }
+
+    @Test
+    public void testDefinesTree() {
+        for (String ntName : PrivilegeConstants.PRIVILEGE_NODETYPE_NAMES) {
+            assertTrue(ctx.definesTree(mockTree("anyName", ntName)));
+        }
+    }
+
+    @Test
+    public void testEmptyNotDefinesTree() {
+        
assertFalse(ctx.definesTree(TreeFactory.createReadOnlyTree(EmptyNodeState.EMPTY_NODE)));
+    }
+
+    @Test
+    public void testNotDefinesTree() {
+        for (String ntName : new String[] {JcrConstants.NT_UNSTRUCTURED, 
JcrConstants.NT_BASE, NodeTypeConstants.NT_REP_SYSTEM, 
NodeTypeConstants.NT_REP_ROOT}) {
+            
assertFalse(ctx.definesTree(mockTree(PrivilegeConstants.REP_PRIVILEGES, 
ntName)));
+        }
+    }
+
+    @Test
+    public void testDefinesLocation() {
+        List<String> paths = ImmutableList.of(
+                PrivilegeConstants.PRIVILEGES_PATH,
+                PrivilegeConstants.PRIVILEGES_PATH + "/child",
+                PrivilegeConstants.PRIVILEGES_PATH + "/another/child"
+        );
+
+        for (String path : paths) {
+            TreeLocation location = Mockito.mock(TreeLocation.class);
+            when(location.getPath()).thenReturn(path);
+
+            assertTrue(path, ctx.definesLocation(location));
+        }
+    }
+
+    @Test
+    public void testNotDefinesLocation() {
+        List<String> paths = ImmutableList.of(
+                PathUtils.ROOT_PATH,
+                PrivilegeConstants.PRIVILEGES_PATH + "sibling",
+                "/some/other/path",
+                ""
+        );
+
+        for (String path : paths) {
+            TreeLocation location = Mockito.mock(TreeLocation.class);
+            when(location.getPath()).thenReturn(path);
+
+            assertFalse(path, ctx.definesLocation(location));
+        }
+    }
+
+    @Test
+    public void testDefinesInternal() {
+        assertFalse(ctx.definesInternal(Mockito.mock(Tree.class)));
+    }
+}
\ No newline at end of file

Reply via email to