Author: angela
Date: Fri Jan 18 14:50:29 2019
New Revision: 1851625
URL: http://svn.apache.org/viewvc?rev=1851625&view=rev
Log:
OAK-7993 : CompositeAuthorizationConfiguration.getRestrictionProvider() should
filter duplications
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfigurationTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java?rev=1851625&r1=1851624&r2=1851625&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
Fri Jan 18 14:50:29 2019
@@ -18,6 +18,7 @@ package org.apache.jackrabbit.oak.securi
import java.security.Principal;
import java.util.ArrayList;
+import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.jcr.security.AccessControlManager;
@@ -146,7 +147,7 @@ public class CompositeAuthorizationConfi
case 0: return RestrictionProvider.EMPTY;
case 1: return configurations.get(0).getRestrictionProvider();
default:
- List<RestrictionProvider> rps = new
ArrayList<>(configurations.size());
+ Set<RestrictionProvider> rps = new
LinkedHashSet<>(configurations.size());
for (AuthorizationConfiguration c : configurations) {
RestrictionProvider rp = c.getRestrictionProvider();
if (RestrictionProvider.EMPTY != rp) {
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfigurationTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfigurationTest.java?rev=1851625&r1=1851624&r2=1851625&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfigurationTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfigurationTest.java
Fri Jan 18 14:50:29 2019
@@ -25,6 +25,7 @@ import javax.jcr.security.AccessControlM
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import
org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import
org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
import
org.apache.jackrabbit.oak.spi.security.authorization.OpenAuthorizationConfiguration;
import
org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider;
@@ -33,11 +34,13 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
import org.jetbrains.annotations.NotNull;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.when;
public class CompositeAuthorizationConfigurationTest extends
AbstractSecurityTest {
@@ -141,15 +144,35 @@ public class CompositeAuthorizationConfi
@Test
public void testMultipleRestrictionProvider() {
- CompositeAuthorizationConfiguration cc = getCompositeConfiguration(
- createAuthorizationConfigurationImpl(),
- createAuthorizationConfigurationImpl());
+ // 2 authorization configuration with different RestrictionProvider
+ AuthorizationConfiguration ac = createAuthorizationConfigurationImpl();
+ AuthorizationConfiguration ac2 =
Mockito.mock(AuthorizationConfiguration.class);
+
when(ac2.getRestrictionProvider()).thenReturn(Mockito.mock(RestrictionProvider.class));
+ when(ac2.getParameters()).thenReturn(ConfigurationParameters.EMPTY);
+
+ CompositeAuthorizationConfiguration cc = getCompositeConfiguration(ac,
ac2);
RestrictionProvider rp = cc.getRestrictionProvider();
assertTrue(rp instanceof CompositeRestrictionProvider);
}
@Test
+ public void testRedundantRestrictionProvider() {
+ // 2 authorization configuration sharing the same RestrictionProvider
+ AuthorizationConfiguration ac = createAuthorizationConfigurationImpl();
+ AuthorizationConfiguration ac2 =
Mockito.mock(AuthorizationConfiguration.class);
+
when(ac2.getRestrictionProvider()).thenReturn(ac.getRestrictionProvider());
+ when(ac2.getParameters()).thenReturn(ConfigurationParameters.EMPTY);
+
+ CompositeAuthorizationConfiguration cc = getCompositeConfiguration(ac,
ac2);
+
+ // composite should detect the duplication
+ RestrictionProvider rp = cc.getRestrictionProvider();
+ assertFalse(rp instanceof CompositeRestrictionProvider);
+ assertSame(ac.getRestrictionProvider(), rp);
+ }
+
+ @Test
public void testMultipleWithEmptyRestrictionProvider() {
CompositeAuthorizationConfiguration cc = getCompositeConfiguration(
createAuthorizationConfigurationImpl(),
