Author: angela
Date: Fri Mar 22 16:32:58 2019
New Revision: 1856068
URL: http://svn.apache.org/viewvc?rev=1856068&view=rev
Log:
OAK-8036 : Improve test in oak-security-spi (wip)
Added:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstantsTest.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionConstantsTest.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProviderTest.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-security-spi/pom.xml
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/AllTreePermissionTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyPermissionProviderTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyTreePermissionTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/NoRecurseTreePermissionTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalConfigurationTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProviderTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipalTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImplTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlActionTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Modified: jackrabbit/oak/trunk/oak-security-spi/pom.xml
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/pom.xml?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-security-spi/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-security-spi/pom.xml Fri Mar 22 16:32:58 2019
@@ -34,7 +34,7 @@
<properties>
<!-- enable execution of jacoco and set minimal line coverage -->
<skip.coverage>false</skip.coverage>
- <minimum.coverage>0.92</minimum.coverage>
+ <minimum.coverage>0.94</minimum.coverage>
</properties>
<build>
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/CompositeTokenProviderTest.java
Fri Mar 22 16:32:58 2019
@@ -33,20 +33,23 @@ import static org.junit.Assert.assertFal
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
public class CompositeTokenProviderTest {
private static final String TOKEN = "t";
+ private static final String USERID = "userId";
private TokenInfo info;
private TokenProvider composite;
@Before
public void before() {
- info = Mockito.mock(TokenInfo.class);
- Mockito.when(info.getToken()).thenReturn(TOKEN);
+ info = mock(TokenInfo.class);
+ when(info.getToken()).thenReturn(TOKEN);
- TokenProvider tp1 = Mockito.mock(TokenProvider.class);
+ TokenProvider tp1 = mock(TokenProvider.class);
TokenProvider tp2 = new TestTokenProvider();
composite = CompositeTokenProvider.newInstance(tp1, tp2);
@@ -64,7 +67,7 @@ public class CompositeTokenProviderTest
assertFalse(tp.doCreateToken(creds));
assertNull(tp.createToken(null, null));
- assertNull(tp.createToken("userID", ImmutableMap.<String,
String>of()));
+ assertNull(tp.createToken(USERID, ImmutableMap.<String, String>of()));
assertNull(tp.createToken(null));
assertNull(tp.createToken(creds));
@@ -75,7 +78,7 @@ public class CompositeTokenProviderTest
@Test
public void testSingleProvider() {
- TokenProvider base = Mockito.mock(TokenProvider.class);
+ TokenProvider base = mock(TokenProvider.class);
TokenProvider tp = CompositeTokenProvider.newInstance(base);
@@ -90,29 +93,44 @@ public class CompositeTokenProviderTest
@Test
public void testCreateCompositeProviderFromList() {
- TokenProvider base = Mockito.mock(TokenProvider.class);
+ TokenProvider base = mock(TokenProvider.class);
TokenProvider tp =
CompositeTokenProvider.newInstance(ImmutableList.of(base, base));
assertTrue(tp instanceof CompositeTokenProvider);
}
@Test
public void testDoCreateToken() {
- assertTrue(composite.doCreateToken(new SimpleCredentials("id", new
char[0])));
+ assertTrue(composite.doCreateToken(new SimpleCredentials(USERID, new
char[0])));
assertFalse(composite.doCreateToken(new GuestCredentials()));
assertFalse(composite.doCreateToken(new Credentials() {}));
}
@Test
public void testCreateTokenFromCredentials() {
- assertSame(info, composite.createToken(new SimpleCredentials("id", new
char[0])));
+ assertSame(info, composite.createToken(new SimpleCredentials(USERID,
new char[0])));
assertNull(composite.createToken(new GuestCredentials()));
assertNull(composite.createToken(new Credentials() {
}));
}
- @Test(expected = UnsupportedOperationException.class)
+ @Test
public void testCreateTokenFromId() {
- composite.createToken("id", ImmutableMap.<String, Object>of());
+ assertSame(info, composite.createToken(USERID, ImmutableMap.of()));
+ }
+
+ @Test
+ public void testCreateTokenFromUnknownId() {
+ assertNull(composite.createToken("unknown", ImmutableMap.of()));
+ }
+
+ @Test
+ public void testCreateTokenFromIdFirstWins() {
+ TokenInfo ti = mock(TokenInfo.class);
+ TokenProvider tp1 = when(mock(TokenProvider.class).createToken(USERID,
ImmutableMap.of())).thenReturn(ti).getMock();
+ TokenProvider tp2 = new TestTokenProvider();
+
+ TokenProvider ctp = CompositeTokenProvider.newInstance(tp1, tp2);
+ assertSame(ti, ctp.createToken(USERID, ImmutableMap.of()));
}
@Test
@@ -140,8 +158,11 @@ public class CompositeTokenProviderTest
@Nullable
@Override
public TokenInfo createToken(@NotNull String userId, @NotNull
Map<String, ?> attributes) {
- throw new UnsupportedOperationException();
-
+ if (USERID.equals(userId)) {
+ return info;
+ } else {
+ return null;
+ }
}
@Nullable
Added:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstantsTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstantsTest.java?rev=1856068&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstantsTest.java
(added)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstantsTest.java
Fri Mar 22 16:32:58 2019
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.token;
+
+import com.google.common.collect.ImmutableSet;
+import org.junit.Test;
+
+import static
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE;
+import static
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE_EXPIRY;
+import static
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE_KEY;
+import static org.junit.Assert.assertEquals;
+
+public class TokenConstantsTest {
+
+ @Test
+ public void testReservedAttributes() {
+ assertEquals(ImmutableSet.of(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_EXPIRY,
TOKEN_ATTRIBUTE_KEY), TokenConstants.RESERVED_ATTRIBUTES);
+ }
+
+ @Test
+ public void testPropertyNames() {
+ assertEquals(ImmutableSet.of(TOKEN_ATTRIBUTE_EXPIRY,
TOKEN_ATTRIBUTE_KEY), TokenConstants.TOKEN_PROPERTY_NAMES);
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstantsTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/AllTreePermissionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/AllTreePermissionTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/AllTreePermissionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/AllTreePermissionTest.java
Fri Mar 22 16:32:58 2019
@@ -21,6 +21,8 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.junit.Test;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
@@ -63,4 +65,10 @@ public class AllTreePermissionTest {
public void testIsGrantedProperty() {
assertTrue(all.isGranted(Permissions.ALL, property));
}
+
+ @Test
+ public void testToString() {
+ assertEquals(all.toString(), TreePermission.ALL.toString());
+ assertNotEquals(all.toString(), TreePermission.NO_RECOURSE.toString());
+ }
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyPermissionProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyPermissionProviderTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyPermissionProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyPermissionProviderTest.java
Fri Mar 22 16:32:58 2019
@@ -24,6 +24,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.junit.Test;
import org.mockito.Mockito;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
@@ -64,4 +65,9 @@ public class EmptyPermissionProviderTest
public void testIsGrantedActions() {
assertFalse(emptyProvider.isGranted("/", Session.ACTION_READ));
}
+
+ @Test
+ public void testRefreshMustNotFail() {
+ emptyProvider.refresh();
+ }
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyTreePermissionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyTreePermissionTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyTreePermissionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/EmptyTreePermissionTest.java
Fri Mar 22 16:32:58 2019
@@ -21,7 +21,9 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.junit.Test;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertSame;
public class EmptyTreePermissionTest {
@@ -64,4 +66,9 @@ public class EmptyTreePermissionTest {
assertFalse(empty.isGranted(Permissions.ALL, property));
}
+ @Test
+ public void testToString() {
+ assertEquals(empty.toString(), TreePermission.EMPTY.toString());
+ assertNotEquals(empty.toString(), TreePermission.ALL.toString());
+ }
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/NoRecurseTreePermissionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/NoRecurseTreePermissionTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/NoRecurseTreePermissionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/NoRecurseTreePermissionTest.java
Fri Mar 22 16:32:58 2019
@@ -21,6 +21,9 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.junit.Test;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+
public class NoRecurseTreePermissionTest {
private final TreePermission noRecurse = TreePermission.NO_RECOURSE;
@@ -60,4 +63,10 @@ public class NoRecurseTreePermissionTest
public void testIsGrantedProperty() {
noRecurse.isGranted(Permissions.ALL, property);
}
+
+ @Test
+ public void testToString() {
+ assertEquals(noRecurse.toString(),
TreePermission.NO_RECOURSE.toString());
+ assertNotEquals(noRecurse.toString(), TreePermission.EMPTY.toString());
+ }
}
\ No newline at end of file
Added:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionConstantsTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionConstantsTest.java?rev=1856068&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionConstantsTest.java
(added)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionConstantsTest.java
Fri Mar 22 16:32:58 2019
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization.permission;
+
+import com.google.common.collect.ImmutableSet;
+import org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants;
+import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
+import org.junit.Test;
+
+import static
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants.NT_REP_PERMISSIONS;
+import static
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants.NT_REP_PERMISSION_STORE;
+import static
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants.REP_ACCESS_CONTROLLED_PATH;
+import static
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants.REP_PERMISSION_STORE;
+import static
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants.REP_PRIVILEGE_BITS;
+import static org.junit.Assert.assertEquals;
+
+public class PermissionConstantsTest {
+
+ @Test
+ public void testNtNames() {
+ assertEquals(ImmutableSet.of(NT_REP_PERMISSIONS,
NT_REP_PERMISSION_STORE), PermissionConstants.PERMISSION_NODETYPE_NAMES);
+ }
+
+ @Test
+ public void testNodeNames() {
+ assertEquals(ImmutableSet.of(REP_PERMISSION_STORE),
PermissionConstants.PERMISSION_NODE_NAMES);
+ }
+
+ @Test
+ public void testPropertyNames() {
+ assertEquals(ImmutableSet.of(REP_ACCESS_CONTROLLED_PATH,
REP_PRIVILEGE_BITS), PermissionConstants.PERMISSION_PROPERTY_NAMES);
+ }
+
+ @Test
+ public void testJr2Permissions() {
+ assertEquals(Permissions.USER_MANAGEMENT|Permissions.REMOVE_NODE,
Permissions.getPermissions(PermissionConstants.VALUE_PERMISSIONS_JR2));
+ }
+
+ @Test
+ public void testDefaultReadPaths() {
+ assertEquals(ImmutableSet.of(
+ NamespaceConstants.NAMESPACES_PATH,
+ NodeTypeConstants.NODE_TYPES_PATH,
+ PrivilegeConstants.PRIVILEGES_PATH),
PermissionConstants.DEFAULT_READ_PATHS);
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionConstantsTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
Fri Mar 22 16:32:58 2019
@@ -538,6 +538,12 @@ public class PermissionsTest {
}
@Test
+ public void testGetPermissionsMultipleNamesWithMissing() {
+ String str = Permissions.PERMISSION_NAMES.get(Permissions.READ) + ",
,," + Permissions.PERMISSION_NAMES.get(Permissions.READ);
+ assertEquals(Permissions.READ, Permissions.getPermissions(str));
+ }
+
+ @Test
public void testGetPermissionsForReservedPaths() {
Map<String, Long> mapping = ImmutableMap.of(
NamespaceConstants.NAMESPACES_PATH,
Permissions.NAMESPACE_MANAGEMENT,
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/EmptyPatternTest.java
Fri Mar 22 16:32:58 2019
@@ -21,6 +21,7 @@ import org.apache.jackrabbit.oak.api.Tre
import org.junit.Test;
import org.mockito.Mockito;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
public class EmptyPatternTest {
@@ -45,4 +46,9 @@ public class EmptyPatternTest {
assertTrue(RestrictionPattern.EMPTY.matches(Mockito.mock(Tree.class),
Mockito.mock(PropertyState.class)));
}
+ @Test
+ public void testToString() {
+ assertEquals(RestrictionPattern.EMPTY.toString(),
RestrictionPattern.EMPTY.toString());
+ }
+
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalConfigurationTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalConfigurationTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalConfigurationTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalConfigurationTest.java
Fri Mar 22 16:32:58 2019
@@ -30,6 +30,7 @@ import org.apache.jackrabbit.oak.namepat
import
org.apache.jackrabbit.oak.spi.security.AbstractCompositeConfigurationTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.junit.Before;
@@ -40,17 +41,18 @@ import static org.junit.Assert.assertEqu
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
public class CompositePrincipalConfigurationTest extends
AbstractCompositeConfigurationTest<PrincipalConfiguration> {
- private final Root root = Mockito.mock(Root.class);
+ private final Root root = mock(Root.class);
private PrincipalConfiguration principalConfigurationMock;
@Before
public void before() {
compositeConfiguration = new CompositePrincipalConfiguration();
- principalConfigurationMock =
Mockito.mock(PrincipalConfiguration.class);
+ principalConfigurationMock = mock(PrincipalConfiguration.class);
Mockito.when(principalConfigurationMock.getParameters()).thenReturn(ConfigurationParameters.EMPTY);
}
@@ -136,6 +138,23 @@ public class CompositePrincipalConfigura
assertSize(2, (CompositePrincipalProvider) pp);
}
+ @Test
+ public void testInitWithSecurityProvider() {
+ SecurityProvider sp = mock(SecurityProvider.class);
+ TestComposite cpc = new TestComposite(sp);
+
+ assertSame(PrincipalConfiguration.NAME, cpc.getName());
+ assertSame(sp, cpc.getSecurityProvider());
+ }
+
+ private final class TestComposite extends CompositePrincipalConfiguration {
+ TestComposite(@NotNull SecurityProvider securityProvider) {
+ super(securityProvider);
+ }
+ public SecurityProvider getSecurityProvider() {
+ return super.getSecurityProvider();
+ }
+ }
private final class TestPrincipalConfiguration extends ConfigurationBase
implements PrincipalConfiguration {
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
Fri Mar 22 16:32:58 2019
@@ -46,6 +46,8 @@ import static org.junit.Assert.assertNot
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.anyBoolean;
+import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -112,7 +114,14 @@ public class CompositePrincipalProviderT
}
@Test
- public void getGroupMembership() {
+ public void testGetGroupMembership() {
+ for (Principal principal : testPrincipals()) {
+ assertTrue(cpp.getGroupMembership(principal).isEmpty());
+ }
+ }
+
+ @Test
+ public void testGetMembershipPrincipals() {
for (Principal principal : testPrincipals()) {
boolean atleastEveryone =
cpp.getMembershipPrincipals(principal).contains(EveryonePrincipal.getInstance());
assertTrue("All principals (except everyone) must be member of the
everyone group. Violation: "+principal.getName(), atleastEveryone);
@@ -120,7 +129,7 @@ public class CompositePrincipalProviderT
}
@Test
- public void getGroupMembershipUnknown() {
+ public void testGetMembershipPrincipalsUnknown() {
assertTrue(cpp.getMembershipPrincipals(TestPrincipalProvider.UNKNOWN).isEmpty());
}
@@ -265,4 +274,20 @@ public class CompositePrincipalProviderT
List<String> out = getNames(cpp.findPrincipals(null, true, 1, 0, -1));
assertEquals(expected, out);
}
+
+ @Test
+ public void testFindWithOffsetLimit() {
+ Iterator principals = new TestPrincipalProvider("p1", "p2", "p3",
"p4").getTestPrincipals().iterator();
+ PrincipalProvider pp = mock(PrincipalProvider.class);
+ // NOTE: CompositePrincipalProvider passes 0 offset to the aggregated
provider!
+ when(pp.findPrincipals("p", false, PrincipalManager.SEARCH_TYPE_ALL,
0, 1)).thenReturn(principals);
+
+ PrincipalProvider cpp =
CompositePrincipalProvider.of(ImmutableList.of(pp,
EmptyPrincipalProvider.INSTANCE));
+
+ Iterator<? extends Principal> it = cpp.findPrincipals("p", false,
PrincipalManager.SEARCH_TYPE_ALL, 2, 1);
+ assertTrue(it.hasNext());
+ Principal p = it.next();
+ assertEquals("p3", p.getName());
+ assertFalse(it.hasNext());
+ }
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProviderTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProviderTest.java
Fri Mar 22 16:32:58 2019
@@ -24,6 +24,7 @@ import org.junit.Test;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
public class EmptyPrincipalProviderTest {
@@ -39,6 +40,11 @@ public class EmptyPrincipalProviderTest
@Test
public void testGetGroupMembership() {
+
assertTrue(principalProvider.getGroupMembership(mock(Principal.class)).isEmpty());
+ }
+
+ @Test
+ public void testGetMembershipPrincipals() {
assertTrue(principalProvider.getMembershipPrincipals(EveryonePrincipal.getInstance()).isEmpty());
assertTrue(principalProvider.getMembershipPrincipals(new
PrincipalImpl(EveryonePrincipal.NAME)).isEmpty());
assertTrue(principalProvider.getMembershipPrincipals(testPrincipal).isEmpty());
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipalTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipalTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipalTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipalTest.java
Fri Mar 22 16:32:58 2019
@@ -29,10 +29,11 @@ import static org.junit.Assert.assertNot
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
public class EveryonePrincipalTest {
- private final Principal everyone = EveryonePrincipal.getInstance();
+ private final EveryonePrincipal everyone = EveryonePrincipal.getInstance();
@Test
public void testGetName() {
@@ -40,13 +41,23 @@ public class EveryonePrincipalTest {
}
@Test
+ public void testAddMember() {
+ assertFalse(everyone.addMember(mock(Principal.class)));
+ }
+
+ @Test(expected = UnsupportedOperationException.class)
+ public void testRemoveMember() {
+ everyone.removeMember(mock(Principal.class));
+ }
+
+ @Test
public void testIsMember() {
- assertTrue(EveryonePrincipal.getInstance().isMember(new
PrincipalImpl("test")));
+ assertTrue(everyone.isMember(new PrincipalImpl("test")));
}
@Test
public void testIsMemberSelf() {
- assertFalse(EveryonePrincipal.getInstance().isMember(everyone));
+ assertFalse(everyone.isMember(everyone));
}
@Test(expected = UnsupportedOperationException.class)
@@ -66,7 +77,7 @@ public class EveryonePrincipalTest {
@Test
public void testHashCode() {
- assertTrue(everyone.hashCode() ==
EveryonePrincipal.getInstance().hashCode());
+ assertEquals(everyone.hashCode(),
EveryonePrincipal.getInstance().hashCode());
}
@Test
@@ -76,13 +87,13 @@ public class EveryonePrincipalTest {
return EveryonePrincipal.NAME;
}
};
- assertFalse(everyone.equals(someotherEveryone));
+ assertNotEquals(everyone, someotherEveryone);
}
@Test
public void testEqualsOtherJackrabbitPrincipal() {
Principal someotherEveryone = new OtherEveryone();
- assertFalse(everyone.equals(someotherEveryone));
+ assertNotEquals(everyone, someotherEveryone);
}
@Test
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java
Fri Mar 22 16:32:58 2019
@@ -16,20 +16,25 @@
*/
package org.apache.jackrabbit.oak.spi.security.principal;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Iterators;
+import com.google.common.collect.Sets;
+import org.apache.jackrabbit.api.security.principal.GroupPrincipal;
+import org.junit.Test;
import java.security.Principal;
import java.security.acl.Group;
+import java.util.Collections;
import java.util.Enumeration;
import java.util.Set;
-import org.junit.Test;
-
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Iterators;
-import com.google.common.collect.Sets;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
public class GroupPrincipalsTest {
@@ -71,7 +76,7 @@ public class GroupPrincipalsTest {
}
@Test
- public void testTransform() {
+ public void testTransformGroupSet() {
Group g = new Group() {
@Override
@@ -104,12 +109,70 @@ public class GroupPrincipalsTest {
assertEquals(1, t.size());
Principal p = t.iterator().next();
assertEquals(p.getName(), g.getName());
+ }
+
+ @Test
+ public void testTransformEnumeration() {
+ Group g = when(mock(Group.class).getName()).thenReturn("g").getMock();
+ Set<Principal> set = ImmutableSet.of(g, mock(Principal.class),
mock(GroupPrincipal.class));
+ Enumeration<? extends Principal> e =
GroupPrincipals.transform(Collections.enumeration(set));
+
+ Set<Principal> t = Sets.newHashSet(Iterators.forEnumeration(e));
+ assertEquals(set.size(), t.size());
+ for (Principal p : t) {
+ assertFalse(p instanceof Group);
+ }
+ }
+
+ @Test
+ public void testTransformEmptyEnumeration() {
+ Enumeration members = Collections.emptyEnumeration();
+
+ Enumeration<Principal> t = GroupPrincipals.transform(members);
+ assertFalse(t.hasMoreElements());
+ }
+
+ @Test
+ public void testMembersOfNonGroup() {
+ assertEquals(Collections.emptyEnumeration(),
GroupPrincipals.members(mock(Principal.class)));
+ }
+
+ @Test
+ public void testMembersOfGroupPrincipal() {
+ GroupPrincipal gp = mock(GroupPrincipal.class);
+
+ GroupPrincipals.members(gp);
+ verify(gp, times(1)).members();
+ }
+
+ @Test
+ public void testMembersOfGroup() {
+ Group g = mock(Group.class);
+
+ GroupPrincipals.members(g);
+ verify(g, times(1)).members();
+ }
+
+ @Test
+ public void testIsMemberOfNonGroup() {
+ assertFalse(GroupPrincipals.isMember(mock(Principal.class),
mock(Principal.class)));
+ }
+
+ @Test
+ public void testIsMemberOfGroupPrincipal() {
+ GroupPrincipal gp = mock(GroupPrincipal.class);
+ Principal p = mock(Principal.class);
+
+ GroupPrincipals.isMember(gp, p);
+ verify(gp, times(1)).isMember(p);
+ }
+
+ @Test
+ public void testIsMemberOfGroup() {
+ Group g = mock(Group.class);
+ Principal p = mock(Principal.class);
- Enumeration<? extends Principal> e = GroupPrincipals
-
.transform(Iterators.asEnumeration(ImmutableSet.of(g).iterator()));
- Set<Principal> t2 = Sets.newHashSet(Iterators.forEnumeration(e));
- assertEquals(1, t2.size());
- Principal p2 = t2.iterator().next();
- assertEquals(p2.getName(), g.getName());
+ GroupPrincipals.isMember(g, p);
+ verify(g, times(1)).isMember(p);
}
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImplTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImplTest.java
Fri Mar 22 16:32:58 2019
@@ -34,6 +34,13 @@ import static org.junit.Assert.assertNot
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyBoolean;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
public class PrincipalManagerImplTest {
@@ -308,4 +315,15 @@ public class PrincipalManagerImplTest {
String unknownHint =
TestPrincipalProvider.UNKNOWN.getName().substring(0, 4);
assertFalse(principalMgr.findPrincipals(unknownHint,
PrincipalManager.SEARCH_TYPE_NOT_GROUP).hasNext());
}
+
+ @Test
+ public void testFindPrincipalsWithOffsetLimit() {
+ PrincipalProvider pp =
when(mock(PrincipalProvider.class).findPrincipals(any(), anyBoolean(),
anyInt(), anyInt(), anyInt())).thenReturn(Iterators.emptyIterator()).getMock();
+ PrincipalQueryManager pm = new PrincipalManagerImpl(pp);
+
+ PrincipalIterator it = pm.findPrincipals("filter", true,
PrincipalManager.SEARCH_TYPE_ALL, 5, 2);
+ assertTrue(it instanceof PrincipalIteratorAdapter);
+
+ verify(pp, times(1)).findPrincipals("filter", true,
PrincipalManager.SEARCH_TYPE_ALL, 5, 2);
+ }
}
Added:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProviderTest.java?rev=1856068&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProviderTest.java
(added)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProviderTest.java
Fri Mar 22 16:32:58 2019
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.principal;
+
+import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.junit.Test;
+
+import java.security.Principal;
+import java.util.Iterator;
+import java.util.Set;
+
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyBoolean;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.doCallRealMethod;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class PrincipalProviderTest {
+
+ private PrincipalProvider pp = mock(PrincipalProvider.class);
+
+ @Test
+ public void testGetItemBasedPrincipal() {
+ doCallRealMethod().when(pp).getItemBasedPrincipal("/some/path");
+ assertNull(pp.getItemBasedPrincipal("/some/path"));
+ }
+
+ @Test
+ public void testGetGroupMembership() {
+ Principal p = mock(Principal.class);
+ doCallRealMethod().when(pp).getGroupMembership(p);
+ assertTrue(pp.getGroupMembership(p).isEmpty());
+ }
+
+ @Test
+ public void testGetMembershipPrincipals() {
+ Principal p = mock(Principal.class);
+ doCallRealMethod().when(pp).getMembershipPrincipals(p);
+ assertTrue(pp.getMembershipPrincipals(p).isEmpty());
+ }
+
+
+
+ @Test(expected = IllegalArgumentException.class)
+ public void testNegativeOffset() {
+ doCallRealMethod().when(pp).findPrincipals("hint", true,
PrincipalManager.SEARCH_TYPE_GROUP, -1, 12);
+ pp.findPrincipals("hint", true, PrincipalManager.SEARCH_TYPE_GROUP,
-1, 12);
+ }
+}
\ No newline at end of file
Propchange:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProviderTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlActionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlActionTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlActionTest.java
Fri Mar 22 16:32:58 2019
@@ -17,10 +17,17 @@
package org.apache.jackrabbit.oak.spi.security.user.action;
import javax.jcr.RepositoryException;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.AccessControlPolicy;
+import javax.jcr.security.AccessControlPolicyIterator;
+import javax.jcr.security.Privilege;
+import com.google.common.collect.ImmutableList;
+import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
+import
org.apache.jackrabbit.commons.iterator.AccessControlPolicyIteratorAdapter;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -36,6 +43,11 @@ import org.jetbrains.annotations.Nullabl
import org.junit.Test;
import org.mockito.Mockito;
+import java.security.Principal;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
@@ -45,23 +57,43 @@ import static org.mockito.Mockito.when;
*/
public class AccessControlActionTest implements UserConstants {
- private final Root root = Mockito.mock(Root.class);
- private final SecurityProvider securityProvider =
Mockito.mock(SecurityProvider.class);
- private final UserConfiguration userConfiguration =
Mockito.mock(UserConfiguration.class);
- private final AuthorizationConfiguration authorizationConfiguration =
Mockito.mock(AuthorizationConfiguration.class);
+ private final Root root = mock(Root.class);
+ private final SecurityProvider securityProvider =
mock(SecurityProvider.class);
+ private final UserConfiguration userConfiguration =
mock(UserConfiguration.class);
+ private final AuthorizationConfiguration authorizationConfiguration =
mock(AuthorizationConfiguration.class);
+
+ private void initSecurityProvider(@NotNull String adminId, @NotNull String
anonymousId, @NotNull String... adminPrincipalNames) throws Exception {
+ initSecurityProvider(null, adminId, anonymousId, adminPrincipalNames);
+ }
- private void initSecurityProvider(@NotNull String adminId, @NotNull String
anonymousId, @NotNull String... adminPrincipalNames) {
+ private void initSecurityProvider(@Nullable AccessControlManager acMgr,
@NotNull String adminId, @NotNull String anonymousId, @NotNull String...
adminPrincipalNames) throws Exception {
when(userConfiguration.getParameters()).thenReturn(ConfigurationParameters.of(
PARAM_ADMIN_ID, adminId,
PARAM_ANONYMOUS_ID, anonymousId));
when(authorizationConfiguration.getParameters()).thenReturn(ConfigurationParameters.of(PermissionConstants.PARAM_ADMINISTRATIVE_PRINCIPALS,
adminPrincipalNames));
-
+ if (acMgr != null) {
+ when(authorizationConfiguration.getAccessControlManager(root,
NamePathMapper.DEFAULT)).thenReturn(acMgr);
+ }
when(securityProvider.getConfiguration(UserConfiguration.class)).thenReturn(userConfiguration);
when(securityProvider.getConfiguration(AuthorizationConfiguration.class)).thenReturn(authorizationConfiguration);
}
+ private AccessControlManager mockAccessControlManager(boolean
addEntrySuccess) throws Exception {
+ AccessControlManager acMgr = mock(AccessControlManager.class);
+
when(acMgr.getApplicablePolicies("/none")).thenReturn(AccessControlPolicyIteratorAdapter.EMPTY);
+ AccessControlPolicy policy = mock(AccessControlPolicy.class);
+ when(acMgr.getApplicablePolicies("/nonACL")).thenReturn(new
AccessControlPolicyIteratorAdapter(ImmutableList.of(policy)));
+ JackrabbitAccessControlList acl =
mock(JackrabbitAccessControlList.class);
+ if (addEntrySuccess) {
+ when(acl.addAccessControlEntry(any(Principal.class),
any(Privilege[].class))).thenReturn(true);
+ }
+ when(acMgr.getApplicablePolicies("/acl")).thenReturn(new
AccessControlPolicyIteratorAdapter(ImmutableList.of(acl)));
+ return acMgr;
+
+ }
+
private AccessControlAction createAction(@NotNull String... privNames) {
AccessControlAction action = new AccessControlAction();
action.init(securityProvider, ConfigurationParameters.of(
@@ -93,14 +125,14 @@ public class AccessControlActionTest imp
}
private static User mockUser(@NotNull String id, @Nullable String
principalName, @Nullable String path) throws RepositoryException {
- User user = Mockito.mock(User.class);
+ User user = mock(User.class);
when(user.isGroup()).thenReturn(false);
mockAuthorizable(user, id, principalName, path);
return user;
}
private static Group mockGroup(@NotNull String id, @Nullable String
principalName, @Nullable String path) throws RepositoryException {
- Group gr = Mockito.mock(Group.class);
+ Group gr = mock(Group.class);
when(gr.isGroup()).thenReturn(true);
mockAuthorizable(gr, id, principalName, path);
return gr;
@@ -108,12 +140,12 @@ public class AccessControlActionTest imp
@Test(expected = IllegalStateException.class)
public void testOnCreateUserMissingSecurityProvider() throws Exception {
- new AccessControlAction().onCreate(Mockito.mock(User.class), null,
root, NamePathMapper.DEFAULT);
+ new AccessControlAction().onCreate(mock(User.class), null, root,
NamePathMapper.DEFAULT);
}
@Test(expected = IllegalStateException.class)
public void testOnCreateGroupMissingSecurityProvider() throws Exception {
- new AccessControlAction().onCreate(Mockito.mock(Group.class), root,
NamePathMapper.DEFAULT);
+ new AccessControlAction().onCreate(mock(Group.class), root,
NamePathMapper.DEFAULT);
}
@Test
@@ -200,4 +232,35 @@ public class AccessControlActionTest imp
action.onCreate(gr, root, NamePathMapper.DEFAULT);
}
+ @Test
+ public void testOnCreateNoApplicablePolicy() throws Exception {
+ initSecurityProvider(mockAccessControlManager(false),
DEFAULT_ADMIN_ID, DEFAULT_ANONYMOUS_ID);
+ AccessControlAction action = createAction(PrivilegeConstants.JCR_READ);
+
+ action.onCreate(mockUser("userId", "pName", "/none"), "pw", root,
NamePathMapper.DEFAULT);
+ }
+
+ @Test
+ public void testOnCreateNoApplicableAclPolicy() throws Exception {
+ initSecurityProvider(mockAccessControlManager(false),
DEFAULT_ADMIN_ID, DEFAULT_ANONYMOUS_ID);
+ AccessControlAction action = createAction(PrivilegeConstants.JCR_READ);
+
+ action.onCreate(mockGroup("grId", "pName", "/nonACL"), root,
NamePathMapper.DEFAULT);
+ }
+
+ @Test
+ public void testOnCreateApplicableAclPolicyForGroup() throws Exception {
+ initSecurityProvider(mockAccessControlManager(false),
DEFAULT_ADMIN_ID, DEFAULT_ANONYMOUS_ID);
+ AccessControlAction action = createAction(PrivilegeConstants.JCR_READ);
+
+ action.onCreate(mockGroup("grId", "pName", "/acl"), root,
NamePathMapper.DEFAULT);
+ }
+
+ @Test
+ public void testOnCreateApplicableAclPolicyForUser() throws Exception {
+ initSecurityProvider(mockAccessControlManager(true), DEFAULT_ADMIN_ID,
DEFAULT_ANONYMOUS_ID);
+ AccessControlAction action = createAction(PrivilegeConstants.JCR_READ);
+
+ action.onCreate(mockUser("userId", "pName", "/acl"), "pw", root,
NamePathMapper.DEFAULT);
+ }
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1856068&r1=1856067&r2=1856068&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Fri Mar 22 16:32:58 2019
@@ -16,6 +16,7 @@
*/
package org.apache.jackrabbit.oak.spi.security.user.action;
+import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.List;
import javax.jcr.nodetype.ConstraintViolationException;
@@ -30,20 +31,22 @@ import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
+import static org.mockito.Mockito.mock;
public class PasswordValidationActionTest {
- private final SecurityProvider securityProvider =
Mockito.mock(SecurityProvider.class);
- private final Root root = Mockito.mock(Root.class);
- private final NamePathMapper namePathMapper =
Mockito.mock(NamePathMapper.class);
+ private final SecurityProvider securityProvider =
mock(SecurityProvider.class);
+ private final Root root = mock(Root.class);
+ private final NamePathMapper namePathMapper = mock(NamePathMapper.class);
private final PasswordValidationAction pwAction = new
PasswordValidationAction();
private User user;
@Before
public void before() {
- user = Mockito.mock(User.class);
+ user = mock(User.class);
pwAction.init(securityProvider, ConfigurationParameters.of(
PasswordValidationAction.CONSTRAINT,
"^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*"));
@@ -70,7 +73,12 @@ public class PasswordValidationActionTes
}
@Test
- public void testPasswordValidationActionInvalid() throws Exception {
+ public void testOnCreateHashedInvalidPw() throws Exception {
+ pwAction.onCreate(user, PasswordUtil.buildPasswordHash("pw1"), root,
namePathMapper);
+ }
+
+ @Test
+ public void testOnPasswordChangeInvalid() throws Exception {
List<String> invalid = new ArrayList<>();
invalid.add("pw1");
invalid.add("only6C");
@@ -89,7 +97,7 @@ public class PasswordValidationActionTes
}
@Test
- public void testPasswordValidationActionValid() throws Exception {
+ public void testOnPasswordChangeValidPw() throws Exception {
List<String> valid = new ArrayList<>();
valid.add("abCDefGH");
valid.add("Abbbbbbbbbbbb");
@@ -103,10 +111,32 @@ public class PasswordValidationActionTes
}
@Test(expected = ConstraintViolationException.class)
- public void testPasswordValidationActionOnChange() throws Exception {
+ public void testOnPasswordChange() throws Exception {
pwAction.init(securityProvider,
ConfigurationParameters.of(PasswordValidationAction.CONSTRAINT, "abc"));
String hashed = PasswordUtil.buildPasswordHash("abc");
- pwAction.onPasswordChange(user, hashed, Mockito.mock(Root.class),
Mockito.mock(NamePathMapper.class));
+ pwAction.onPasswordChange(user, hashed, root, namePathMapper);
+ }
+
+ @Test
+ public void testOnPasswordChangeNullPw() throws Exception {
+ pwAction.init(securityProvider,
ConfigurationParameters.of(PasswordValidationAction.CONSTRAINT, "abc"));
+ pwAction.onPasswordChange(user, null, root, namePathMapper);
+ }
+
+ @Test
+ public void testInvalidPattern() throws Exception {
+ PasswordValidationAction action = new PasswordValidationAction();
+ action.init(mock(SecurityProvider.class),
ConfigurationParameters.of(PasswordValidationAction.CONSTRAINT, "["));
+
+ Field f = PasswordValidationAction.class.getDeclaredField("pattern");
+ f.setAccessible(true);
+
+ // no pattern was set
+ assertNull(f.get(action));
+
+ // no pattern gets evaluated
+ action.onCreate(user, null, root, namePathMapper);
+ action.onPasswordChange(user, "]", root, namePathMapper);
}
}
