Author: angela Date: Thu Apr 5 13:51:03 2018 New Revision: 1828434 URL: http://svn.apache.org/viewvc?rev=1828434&view=rev Log: OAK-3008 : Training material for Oak security (wip)
Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L7_PermissionContentTest.java Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L7_PermissionContentTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L7_PermissionContentTest.java?rev=1828434&r1=1828433&r2=1828434&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L7_PermissionContentTest.java (original) +++ jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L7_PermissionContentTest.java Thu Apr 5 13:51:03 2018 @@ -16,9 +16,17 @@ */ package org.apache.jackrabbit.oak.exercise.security.authorization.permission; +import javax.jcr.GuestCredentials; + import org.apache.jackrabbit.oak.AbstractSecurityTest; +import org.apache.jackrabbit.oak.api.ContentSession; +import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.api.Tree; import org.junit.Test; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + /** * <pre> * Module: Authorization (Permission Evaluation) @@ -62,20 +70,41 @@ import org.junit.Test; * Question: Can you explain why the permission store is read-only? * Question: Can you identify the class(es) responsible for enforcing the read-only nature? * - * - {@link #TODO} - * * </pre> */ public class L7_PermissionContentTest extends AbstractSecurityTest { - @Test - public void testReadOnly() { - // TODO - } + String permissionStorePath = null; // EXERCISE: specify the path to the permission store root node @Test public void testAdministrativeAccessOnly() { - // TODO + Root root = adminSession.getLatestRoot(); + Tree permissionStoreTree = root.getTree(permissionStorePath); + assertTrue(permissionStoreTree.exists()); + + // EXERCISE : explain the content structure of the permission store + Tree wspTree = permissionStoreTree.getChild(adminSession.getWorkspaceName()); + for (Tree t : wspTree.getChildren()) { + System.out.println(t.getName()); + } + + // EXERCISE : pick one child tree above and inspect the subtree + // - what does the name of the child stand for? + // - explain the structure + String name = null; // EXERCISE + Tree child = wspTree.getChild(name); + + // EXERCISE: walk through the tree structure and look at the properties } + @Test + public void testReadOnly() throws Exception { + ContentSession guestSession = login(new GuestCredentials()); + + Root root = guestSession.getLatestRoot(); + Tree permissionStoreTree = root.getTree(permissionStorePath); + + // EXERCISE: explain the fact that the tree does not exist + assertFalse(permissionStoreTree.exists()); + } } \ No newline at end of file