Author: angela
Date: Mon Apr 3 15:46:17 2017
New Revision: 1790013
URL: http://svn.apache.org/viewvc?rev=1790013&view=rev
Log:
OAK-5882 : Improve coverage for oak.security code in oak-core (wip)
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
(with props)
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java
(with props)
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java
(with props)
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java?rev=1790013&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
Mon Apr 3 15:46:17 2017
@@ -0,0 +1,256 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.annotation.Nonnull;
+import javax.jcr.ImportUUIDBehavior;
+import javax.jcr.PropertyType;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.Value;
+import javax.jcr.nodetype.PropertyDefinition;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.Lists;
+import org.apache.jackrabbit.JcrConstants;
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.commons.PathUtils;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.nodetype.ReadOnlyNodeTypeManager;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction;
+import
org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider;
+import org.apache.jackrabbit.oak.spi.security.user.action.GroupAction;
+import org.apache.jackrabbit.oak.spi.xml.ImportBehavior;
+import org.apache.jackrabbit.oak.spi.xml.PropInfo;
+import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
+import org.apache.jackrabbit.oak.spi.xml.ReferenceChangeTracker;
+import org.apache.jackrabbit.oak.spi.xml.TextValue;
+import org.apache.jackrabbit.oak.util.NodeUtil;
+import org.mockito.Mockito;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.when;
+
+/**
+ * UserImporterBaseTest... TODO
+ */
+public abstract class UserImporterBaseTest extends AbstractSecurityTest
implements UserConstants {
+
+ static final String TEST_USER_ID = "uid";
+ static final String TEST_GROUP_ID = "gid";
+
+ TestAction testAction;
+ AuthorizableActionProvider actionProvider = new
AuthorizableActionProvider() {
+ @Nonnull
+ @Override
+ public List<? extends AuthorizableAction>
getAuthorizableActions(@Nonnull SecurityProvider securityProvider) {
+ return (testAction == null) ?
ImmutableList.<AuthorizableAction>of() : ImmutableList.of(testAction);
+ }
+ };
+
+ User testUser;
+
+ ReferenceChangeTracker refTracker = new ReferenceChangeTracker();
+
+ UserImporter importer;
+
+ @Override
+ public void before() throws Exception {
+ super.before();
+
+ testUser = getTestUser();
+ importer = new UserImporter(getImportConfig());
+ }
+
+ @Override
+ public void after() throws Exception {
+ try {
+ refTracker.clear();
+ root.refresh();
+ } finally {
+ super.after();
+ }
+ }
+
+ ConfigurationParameters getImportConfig() {
+ return
getSecurityConfigParameters().getConfigValue(UserConfiguration.NAME,
ConfigurationParameters.EMPTY);
+ }
+
+ String getImportBehavior() {
+ return ImportBehavior.NAME_IGNORE;
+ }
+
+ @Override
+ protected ConfigurationParameters getSecurityConfigParameters() {
+ ConfigurationParameters userParams = ConfigurationParameters.of(
+ UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER,
actionProvider,
+ ProtectedItemImporter.PARAM_IMPORT_BEHAVIOR,
getImportBehavior()
+ );
+ return ConfigurationParameters.of(UserConfiguration.NAME, userParams);
+ }
+
+ Session mockJackrabbitSession() throws Exception {
+ JackrabbitSession s = Mockito.mock(JackrabbitSession.class);
+ when(s.getUserManager()).thenReturn(getUserManager(root));
+ return s;
+ }
+
+ boolean isWorkspaceImport() {
+ return false;
+ }
+
+
+ boolean init() throws Exception {
+ return init(false);
+ }
+
+ boolean init(boolean createAction) throws Exception {
+ if (createAction) {
+ testAction = new TestAction();
+ }
+ return importer.init(mockJackrabbitSession(), root,
getNamePathMapper(), isWorkspaceImport(),
ImportUUIDBehavior.IMPORT_UUID_COLLISION_REMOVE_EXISTING, refTracker,
getSecurityProvider());
+ }
+
+ Tree createUserTree() {
+ Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
+ Tree userTree = folder.addChild("userTree");
+ userTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_USER,
Type.NAME);
+ userTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_USER_ID));
+ return userTree;
+ }
+
+ Tree createGroupTree() throws Exception {
+ String groupPath =
getUserConfiguration().getParameters().getConfigValue(PARAM_GROUP_PATH,
DEFAULT_GROUP_PATH);
+
+ NodeUtil node = new NodeUtil(root.getTree(PathUtils.ROOT_PATH));
+ NodeUtil groupRoot =
node.getOrAddTree(PathUtils.relativize(PathUtils.ROOT_PATH, groupPath),
NT_REP_AUTHORIZABLE_FOLDER);
+
+ Tree groupTree = groupRoot.addChild("testGroup",
NT_REP_GROUP).getTree();
+ groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID));
+ return groupTree;
+ }
+
+ PropInfo createPropInfo(@Nonnull String name, final String... values) {
+ List<TextValue> txtValues = Lists.newArrayList();
+ for (final String v : values) {
+ txtValues.add(new TextValue() {
+ @Override
+ public String getString() {
+ return v;
+ }
+
+ @Override
+ public Value getValue(int targetType) throws
RepositoryException {
+ return getValueFactory(root).createValue(v, targetType);
+ }
+
+ @Override
+ public void dispose() {
+ //nop
+ }
+ });
+ }
+ return new PropInfo(name, PropertyType.STRING, txtValues);
+ }
+
+ PropertyDefinition mockPropertyDefinition(@Nonnull String declaringNt,
boolean mv) throws Exception {
+ PropertyDefinition def = Mockito.mock(PropertyDefinition.class);
+ when(def.isMultiple()).thenReturn(mv);
+
when(def.getDeclaringNodeType()).thenReturn(ReadOnlyNodeTypeManager.getInstance(root,
getNamePathMapper()).getNodeType(declaringNt));
+ return def;
+ }
+
+
+
//--------------------------------------------------------------------------
+
+ final class TestAction implements AuthorizableAction, GroupAction {
+
+ private List<String> methodCalls = new ArrayList();
+
+ private void clear() {
+ methodCalls.clear();
+ }
+
+ void checkMethods(String... expected) {
+ assertEquals(ImmutableList.copyOf(expected), methodCalls);
+ }
+
+ @Override
+ public void init(SecurityProvider securityProvider,
ConfigurationParameters config) {
+ }
+
+ @Override
+ public void onCreate(Group group, Root root, NamePathMapper
namePathMapper) throws RepositoryException {
+ methodCalls.add("onCreate-Group");
+ }
+
+ @Override
+ public void onCreate(User user, String password, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
+ methodCalls.add("onCreate-User");
+ }
+
+ @Override
+ public void onRemove(Authorizable authorizable, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
+ methodCalls.add("onRemove");
+ }
+
+ @Override
+ public void onPasswordChange(User user, String newPassword, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
+ methodCalls.add("onPasswordChange");
+ }
+
+ @Override
+ public void onMemberAdded(Group group, Authorizable member, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
+ methodCalls.add("onMemberAdded");
+ }
+
+ @Override
+ public void onMembersAdded(Group group, Iterable<String> memberIds,
Iterable<String> failedIds, Root root, NamePathMapper namePathMapper) throws
RepositoryException {
+ methodCalls.add("onMembersAdded");
+ }
+
+ @Override
+ public void onMembersAddedContentId(Group group, Iterable<String>
memberContentIds, Iterable<String> failedIds, Root root, NamePathMapper
namePathMapper) throws RepositoryException {
+ methodCalls.add("onMembersAddedContentId");
+ }
+
+ @Override
+ public void onMemberRemoved(Group group, Authorizable member, Root
root, NamePathMapper namePathMapper) throws RepositoryException {
+ methodCalls.add("onMemberRemoved");
+ }
+
+ @Override
+ public void onMembersRemoved(Group group, Iterable<String> memberIds,
Iterable<String> failedIds, Root root, NamePathMapper namePathMapper) throws
RepositoryException {
+ methodCalls.add("onMembersRemoved");
+ }
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java?rev=1790013&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java
Mon Apr 3 15:46:17 2017
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.nodetype.ConstraintViolationException;
+
+import com.google.common.collect.ImmutableList;
+import org.apache.jackrabbit.JcrConstants;
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.spi.xml.ImportBehavior;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+public class UserImporterImpersonationAbortTest extends
UserImporterImpersonationIgnoreTest {
+
+ @Override
+ String getImportBehavior() {
+ return ImportBehavior.NAME_ABORT;
+ }
+
+ @Test(expected = ConstraintViolationException.class)
+ public void testUnknownImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1", "impersonator2"),
mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+ }
+
+ @Test(expected = ConstraintViolationException.class)
+ public void testMixedImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1",
testUser.getPrincipal().getName()), mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java?rev=1790013&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java
Mon Apr 3 15:46:17 2017
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import javax.jcr.nodetype.ConstraintViolationException;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.spi.xml.ImportBehavior;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+public class UserImporterImpersonationBestEffortTest extends
UserImporterImpersonationIgnoreTest {
+
+ @Override
+ String getImportBehavior() {
+ return ImportBehavior.NAME_BESTEFFORT;
+ }
+
+ public void testUnknownImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1", "impersonator2"),
mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableSet.of("impersonator1", "impersonator2"),
ImmutableSet.copyOf(impersonators.getValue(Type.STRINGS)));
+ }
+
+ @Test
+ public void testMixedImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1",
testUser.getPrincipal().getName()), mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableSet.of("impersonator1",
testUser.getPrincipal().getName()),
ImmutableSet.copyOf(impersonators.getValue(Type.STRINGS)));
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java?rev=1790013&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
Mon Apr 3 15:46:17 2017
@@ -0,0 +1,138 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import javax.jcr.RepositoryException;
+
+import com.google.common.collect.ImmutableList;
+import org.apache.jackrabbit.JcrConstants;
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+public class UserImporterImpersonationIgnoreTest extends UserImporterBaseTest {
+
+ Tree userTree;
+
+ @Override
+ public void before() throws Exception {
+ super.before();
+
+ init();
+ userTree = createUserTree();
+ }
+
+ @Test
+ public void testUnknownImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1", "impersonator2"),
mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+
+ // default importbehavior == IGNORE
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNull(impersonators);
+ }
+
+ @Test
+ public void testKnownImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, testUser.getPrincipal().getName()),
mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableList.of(testUser.getPrincipal().getName()),
impersonators.getValue(Type.STRINGS));
+ }
+
+ @Test
+ public void testMixedImpersonators() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1",
testUser.getPrincipal().getName()), mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableList.of(testUser.getPrincipal().getName()),
impersonators.getValue(Type.STRINGS));
+ }
+
+ @Test(expected = RepositoryException.class)
+ public void testUserRemovedBeforeProcessing() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, testUser.getPrincipal().getName()),
mockPropertyDefinition(NT_REP_USER, true)));
+ userTree.remove();
+ importer.processReferences();
+ }
+
+ @Test(expected = RepositoryException.class)
+ public void testUserConvertedGroupBeforeProcessing() throws Exception {
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, testUser.getPrincipal().getName()),
mockPropertyDefinition(NT_REP_USER, true)));
+ userTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_GROUP);
+ importer.processReferences();
+ }
+
+ @Test
+ public void testReplaceExistingProperty() throws Exception {
+ userTree.setProperty(REP_IMPERSONATORS,
ImmutableList.of("impersonator1"), Type.STRINGS);
+
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, testUser.getPrincipal().getName()),
mockPropertyDefinition(NT_REP_USER, true)));
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableList.of(testUser.getPrincipal().getName()),
impersonators.getValue(Type.STRINGS));
+ }
+
+ @Test
+ public void testNewImpersonator() throws Exception {
+ Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
+ Tree impersonatorTree = folder.addChild("impersonatorTree");
+ impersonatorTree.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NT_REP_USER, Type.NAME);
+ impersonatorTree.setProperty(JcrConstants.JCR_UUID, new
UserProvider(root,
ConfigurationParameters.EMPTY).getContentID("impersonator1"));
+
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1"),
mockPropertyDefinition(NT_REP_USER, true)));
+ assertTrue(importer.handlePropInfo(impersonatorTree,
createPropInfo(REP_PRINCIPAL_NAME, "impersonator1"),
mockPropertyDefinition(NT_REP_AUTHORIZABLE, false)));
+
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableList.of("impersonator1"),
impersonators.getValue(Type.STRINGS));
+ }
+
+ @Test
+ public void testNewImpersonator2() throws Exception {
+ Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
+ Tree impersonatorTree = folder.addChild("impersonatorTree");
+ impersonatorTree.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NT_REP_USER, Type.NAME);
+ impersonatorTree.setProperty(JcrConstants.JCR_UUID, new
UserProvider(root,
ConfigurationParameters.EMPTY).getContentID("impersonator1"));
+
+ // NOTE: reversed over of import compared to 'testNewImpersonator'
+ assertTrue(importer.handlePropInfo(impersonatorTree,
createPropInfo(REP_PRINCIPAL_NAME, "impersonator1"),
mockPropertyDefinition(NT_REP_AUTHORIZABLE, false)));
+ assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1"),
mockPropertyDefinition(NT_REP_USER, true)));
+
+ importer.processReferences();
+
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ assertNotNull(impersonators);
+ assertEquals(ImmutableList.of("impersonator1"),
impersonators.getValue(Type.STRINGS));
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java?rev=1790013&r1=1790012&r2=1790013&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java
Mon Apr 3 15:46:17 2017
@@ -74,131 +74,7 @@ import static org.junit.Assert.assertNul
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.when;
-public class UserImporterTest extends AbstractSecurityTest implements
UserConstants {
-
- private static final String TEST_USER_ID = "uid";
- private static final String TEST_GROUP_ID = "gid";
-
- private TestAction testAction;
- AuthorizableActionProvider actionProvider = new
AuthorizableActionProvider() {
- @Nonnull
- @Override
- public List<? extends AuthorizableAction>
getAuthorizableActions(@Nonnull SecurityProvider securityProvider) {
- return (testAction == null) ?
ImmutableList.<AuthorizableAction>of() : ImmutableList.of(testAction);
- }
- };
-
- private User testUser;
-
- private ReferenceChangeTracker refTracker = new ReferenceChangeTracker();
-
- UserImporter importer;
-
- @Override
- public void before() throws Exception {
- super.before();
-
- testUser = getTestUser();
- importer = new UserImporter(getImportConfig());
- }
-
- @Override
- public void after() throws Exception {
- try {
- refTracker.clear();
- root.refresh();
- } finally {
- super.after();
- }
- }
-
- ConfigurationParameters getImportConfig() {
- return
getSecurityConfigParameters().getConfigValue(UserConfiguration.NAME,
ConfigurationParameters.EMPTY);
- }
-
- String getImportBehavior() {
- return ImportBehavior.NAME_IGNORE;
- }
-
- @Override
- protected ConfigurationParameters getSecurityConfigParameters() {
- ConfigurationParameters userParams = ConfigurationParameters.of(
- UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER,
actionProvider,
- ProtectedItemImporter.PARAM_IMPORT_BEHAVIOR,
getImportBehavior()
- );
- return ConfigurationParameters.of(UserConfiguration.NAME, userParams);
- }
-
- Session mockJackrabbitSession() throws Exception {
- JackrabbitSession s = Mockito.mock(JackrabbitSession.class);
- when(s.getUserManager()).thenReturn(getUserManager(root));
- return s;
- }
-
- boolean isWorkspaceImport() {
- return false;
- }
-
-
- boolean init() throws Exception {
- return init(false);
- }
-
- boolean init(boolean createAction) throws Exception {
- if (createAction) {
- testAction = new TestAction();
- }
- return importer.init(mockJackrabbitSession(), root,
getNamePathMapper(), isWorkspaceImport(),
ImportUUIDBehavior.IMPORT_UUID_COLLISION_REMOVE_EXISTING, refTracker,
getSecurityProvider());
- }
-
- private Tree createUserTree() {
- Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
- Tree userTree = folder.addChild("userTree");
- userTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_USER,
Type.NAME);
- userTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_USER_ID));
- return userTree;
- }
-
- private Tree createGroupTree() throws Exception {
- String groupPath =
getUserConfiguration().getParameters().getConfigValue(PARAM_GROUP_PATH,
DEFAULT_GROUP_PATH);
-
- NodeUtil node = new NodeUtil(root.getTree(PathUtils.ROOT_PATH));
- NodeUtil groupRoot =
node.getOrAddTree(PathUtils.relativize(PathUtils.ROOT_PATH, groupPath),
NT_REP_AUTHORIZABLE_FOLDER);
-
- Tree groupTree = groupRoot.addChild("testGroup",
NT_REP_GROUP).getTree();
- groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID));
- return groupTree;
- }
-
- private PropInfo createPropInfo(@Nonnull String name, final String...
values) {
- List<TextValue> txtValues = Lists.newArrayList();
- for (final String v : values) {
- txtValues.add(new TextValue() {
- @Override
- public String getString() {
- return v;
- }
-
- @Override
- public Value getValue(int targetType) throws
RepositoryException {
- return getValueFactory(root).createValue(v, targetType);
- }
-
- @Override
- public void dispose() {
- //nop
- }
- });
- }
- return new PropInfo(name, PropertyType.STRING, txtValues);
- }
-
- private PropertyDefinition mockPropertyDefinition(@Nonnull String
declaringNt, boolean mv) throws Exception {
- PropertyDefinition def = Mockito.mock(PropertyDefinition.class);
- when(def.isMultiple()).thenReturn(mv);
-
when(def.getDeclaringNodeType()).thenReturn(ReadOnlyNodeTypeManager.getInstance(root,
getNamePathMapper()).getNodeType(declaringNt));
- return def;
- }
+public class UserImporterTest extends UserImporterBaseTest implements
UserConstants {
//---------------------------------------------------------------< init
>---
@Test
@@ -460,32 +336,6 @@ public class UserImporterTest extends Ab
importer.processReferences();
}
- @Test
- public void testProcessUnknownImpersonators() throws Exception {
- init();
- Tree userTree = createUserTree();
- assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1", "impersonator2"),
mockPropertyDefinition(NT_REP_USER, true)));
-
- importer.processReferences();
-
- // default importbehavior == IGNORE
- PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
- assertNull(impersonators);
- }
-
- @Test
- public void testProcessImpersonators() throws Exception {
- init();
- Tree userTree = createUserTree();
- assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, testUser.getPrincipal().getName()),
mockPropertyDefinition(NT_REP_USER, true)));
-
- importer.processReferences();
-
- PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
- assertNotNull(impersonators);
- assertEquals(ImmutableList.of(testUser.getPrincipal().getName()),
impersonators.getValue(Type.STRINGS));
- }
-
//------------------------------------------------< propertiesCompleted
>---
@Test
@@ -550,68 +400,4 @@ public class UserImporterTest extends Ab
importer.propertiesCompleted(root.getTree(testUser.getPath()));
testAction.checkMethods();
}
-
-
//--------------------------------------------------------------------------
-
- private final class TestAction implements AuthorizableAction, GroupAction {
-
- private List<String> methodCalls = new ArrayList();
-
- private void clear() {
- methodCalls.clear();
- }
-
- private void checkMethods(String... expected) {
- assertEquals(ImmutableList.copyOf(expected), methodCalls);
- }
-
- @Override
- public void init(SecurityProvider securityProvider,
ConfigurationParameters config) {
- }
-
- @Override
- public void onCreate(Group group, Root root, NamePathMapper
namePathMapper) throws RepositoryException {
- methodCalls.add("onCreate-Group");
- }
-
- @Override
- public void onCreate(User user, String password, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
- methodCalls.add("onCreate-User");
- }
-
- @Override
- public void onRemove(Authorizable authorizable, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
- methodCalls.add("onRemove");
- }
-
- @Override
- public void onPasswordChange(User user, String newPassword, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
- methodCalls.add("onPasswordChange");
- }
-
- @Override
- public void onMemberAdded(Group group, Authorizable member, Root root,
NamePathMapper namePathMapper) throws RepositoryException {
- methodCalls.add("onMemberAdded");
- }
-
- @Override
- public void onMembersAdded(Group group, Iterable<String> memberIds,
Iterable<String> failedIds, Root root, NamePathMapper namePathMapper) throws
RepositoryException {
- methodCalls.add("onMembersAdded");
- }
-
- @Override
- public void onMembersAddedContentId(Group group, Iterable<String>
memberContentIds, Iterable<String> failedIds, Root root, NamePathMapper
namePathMapper) throws RepositoryException {
- methodCalls.add("onMembersAddedContentId");
- }
-
- @Override
- public void onMemberRemoved(Group group, Authorizable member, Root
root, NamePathMapper namePathMapper) throws RepositoryException {
- methodCalls.add("onMemberRemoved");
- }
-
- @Override
- public void onMembersRemoved(Group group, Iterable<String> memberIds,
Iterable<String> failedIds, Root root, NamePathMapper namePathMapper) throws
RepositoryException {
- methodCalls.add("onMembersRemoved");
- }
- }
}
\ No newline at end of file
