oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/PrincipalACLTest.java - jackrabbit-oak - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.jackrabbit.oak.security.authorization.accesscontrol;

 import java.security.Principal;
 import javax.jcr.PropertyType;
 import javax.jcr.RepositoryException;
 import javax.jcr.UnsupportedRepositoryOperationException;
 import javax.jcr.ValueFactory;
 import javax.jcr.security.AccessControlEntry;
 import javax.jcr.security.AccessControlList;
 import javax.jcr.security.AccessControlPolicy;

 import com.google.common.collect.ImmutableMap;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
 import org.apache.jackrabbit.api.security.principal.JackrabbitPrincipal;
 import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
 import org.jetbrains.annotations.NotNull;
 import org.junit.Before;
 import org.junit.Test;

 import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_GLOB;
 import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_NODE_PATH;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotEquals;

 public class PrincipalACLTest extends AbstractAccessControlTest {

     private ACL principalAcl;

     @Override
     @Before
     public void before() throws Exception {
         super.before();

         JackrabbitAccessControlManager acMgr = getAccessControlManager(root);
         AccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, TEST_PATH);
         policy.addAccessControlEntry(testPrincipal, testPrivileges);
         policy.addAccessControlEntry(EveryonePrincipal.getInstance(), testPrivileges);
         acMgr.setPolicy(TEST_PATH, policy);
         root.commit();

         principalAcl = getPrincipalAcl(acMgr, testPrincipal);
     }

     @NotNull
     private static ACL getPrincipalAcl(@NotNull JackrabbitAccessControlManager acMgr, @NotNull Principal testPrincipal) throws RepositoryException {
         for (AccessControlPolicy acp : acMgr.getPolicies(testPrincipal)) {
             if (acp instanceof ACL) {
                 return (ACL) acp;
             }
         }
         throw new RuntimeException("no principal acl found");
     }

     @Test(expected = UnsupportedRepositoryOperationException.class)
     public void testReorder() throws Exception {
         AccessControlEntry[] entries = principalAcl.getAccessControlEntries();
         principalAcl.orderBefore(entries[0], null);
     }

     @Test
     public void testEquals() throws Exception {
         assertEquals(principalAcl, principalAcl);
         assertEquals(principalAcl, getPrincipalAcl(getAccessControlManager(root), testPrincipal));
     }

     @Test
     public void testEqualsDifferentPrincipal() throws Exception {
         assertNotEquals(principalAcl, getPrincipalAcl(getAccessControlManager(root), EveryonePrincipal.getInstance()));
     }

     @Test
     public void testEqualsDifferentACL() throws Exception {
         assertNotEquals(principalAcl, AccessControlUtils.getAccessControlList(getAccessControlManager(root), TEST_PATH));
     }

     @Test
     public void testEqualsDifferentPath() throws Exception {
         ACL acl = getPrincipalAcl(getAccessControlManager(root), new PrincipalImpl(testPrincipal.getName()));
         assertNotEquals(principalAcl, acl);
     }

     @Test
     public void testEqualsDifferentEntries() throws Exception {
         ValueFactory vf = getValueFactory(root);
         ACL acl = getPrincipalAcl(getAccessControlManager(root), testPrincipal);
         acl.addEntry(testPrincipal, privilegesFromNames(JCR_VERSION_MANAGEMENT), true,
                 ImmutableMap.of(REP_GLOB, vf.createValue("/subtree/*"), REP_NODE_PATH, vf.createValue(TEST_PATH)));
         assertNotEquals(principalAcl, acl);
     }

     @Test
     public void testHashCode() {
         assertEquals(0, principalAcl.hashCode());
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.jackrabbit.oak.security.authorization.accesscontrol;

	import java.security.Principal;
	import javax.jcr.PropertyType;
	import javax.jcr.RepositoryException;
	import javax.jcr.UnsupportedRepositoryOperationException;
	import javax.jcr.ValueFactory;
	import javax.jcr.security.AccessControlEntry;
	import javax.jcr.security.AccessControlList;
	import javax.jcr.security.AccessControlPolicy;

	import com.google.common.collect.ImmutableMap;
	import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
	import org.apache.jackrabbit.api.security.principal.JackrabbitPrincipal;
	import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
	import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
	import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
	import org.jetbrains.annotations.NotNull;
	import org.junit.Before;
	import org.junit.Test;

	import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_GLOB;
	import static org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants.REP_NODE_PATH;
	import static org.junit.Assert.assertEquals;
	import static org.junit.Assert.assertNotEquals;

	public class PrincipalACLTest extends AbstractAccessControlTest {

	private ACL principalAcl;

	@Override
	@Before
	public void before() throws Exception {
	super.before();

	JackrabbitAccessControlManager acMgr = getAccessControlManager(root);
	AccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, TEST_PATH);
	policy.addAccessControlEntry(testPrincipal, testPrivileges);
	policy.addAccessControlEntry(EveryonePrincipal.getInstance(), testPrivileges);
	acMgr.setPolicy(TEST_PATH, policy);
	root.commit();

	principalAcl = getPrincipalAcl(acMgr, testPrincipal);
	}

	@NotNull
	private static ACL getPrincipalAcl(@NotNull JackrabbitAccessControlManager acMgr, @NotNull Principal testPrincipal) throws RepositoryException {
	for (AccessControlPolicy acp : acMgr.getPolicies(testPrincipal)) {
	if (acp instanceof ACL) {
	return (ACL) acp;
	}
	}
	throw new RuntimeException("no principal acl found");
	}

	@Test(expected = UnsupportedRepositoryOperationException.class)
	public void testReorder() throws Exception {
	AccessControlEntry[] entries = principalAcl.getAccessControlEntries();
	principalAcl.orderBefore(entries[0], null);
	}

	@Test
	public void testEquals() throws Exception {
	assertEquals(principalAcl, principalAcl);
	assertEquals(principalAcl, getPrincipalAcl(getAccessControlManager(root), testPrincipal));
	}

	@Test
	public void testEqualsDifferentPrincipal() throws Exception {
	assertNotEquals(principalAcl, getPrincipalAcl(getAccessControlManager(root), EveryonePrincipal.getInstance()));
	}

	@Test
	public void testEqualsDifferentACL() throws Exception {
	assertNotEquals(principalAcl, AccessControlUtils.getAccessControlList(getAccessControlManager(root), TEST_PATH));
	}

	@Test
	public void testEqualsDifferentPath() throws Exception {
	ACL acl = getPrincipalAcl(getAccessControlManager(root), new PrincipalImpl(testPrincipal.getName()));
	assertNotEquals(principalAcl, acl);
	}

	@Test
	public void testEqualsDifferentEntries() throws Exception {
	ValueFactory vf = getValueFactory(root);
	ACL acl = getPrincipalAcl(getAccessControlManager(root), testPrincipal);
	acl.addEntry(testPrincipal, privilegesFromNames(JCR_VERSION_MANAGEMENT), true,
	ImmutableMap.of(REP_GLOB, vf.createValue("/subtree/*"), REP_NODE_PATH, vf.createValue(TEST_PATH)));
	assertNotEquals(principalAcl, acl);
	}

	@Test
	public void testHashCode() {
	assertEquals(0, principalAcl.hashCode());
	}
	}