[ https://issues.apache.org/jira/browse/OAK-4219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dominique Jäggi updated OAK-4219: --------------------------------- Fix Version/s: 1.4.7 > ExternalLoginModuleTestBase doesn't remove synced User/Group accounts > --------------------------------------------------------------------- > > Key: OAK-4219 > URL: https://issues.apache.org/jira/browse/OAK-4219 > Project: Jackrabbit Oak > Issue Type: Bug > Components: auth-external > Reporter: angela > Assignee: angela > Fix For: 1.5.2, 1.4.7 > > > Looking at the {{ExternalLoginModuleTestBase}} I got the impression that the > cleanup of user/group accounts is effectively broken. > The current code looks as follows: > - in the before method the list of existing authorizables is collected > - in the after method the following code is executed: > {code} > UserManager userManager = getUserManager(root); > Iterator<Authorizable> iter = > userManager.findAuthorizables("jcr:primaryType", null); > while (iter.hasNext()) { > ids.remove(iter.next().getID()); > } > for (String id : ids) { > Authorizable a = userManager.getAuthorizable(id); > if (a != null) { > a.remove(); > } > } > {code} > I might be totally mistaken but IMHO looks troublesome. Introducing an > assertion after this verifying that the user with the external-test-id has > been removed will actually fail... and I assume that this would have been the > expected outcome. > So, I would have expected the after-method to remove all users/groups > _except_ those gather in the before-call, which would be considered built-in > to the repository. -- This message was sent by Atlassian JIRA (v6.3.4#6332)