/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.sling.jcr.contentloader.it;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.jcr.RepositoryException;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlList;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.commons.testing.junit.Retry;
import org.apache.sling.jcr.base.util.AccessControlUtil;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.ops4j.pax.exam.junit.PaxExam;
import org.ops4j.pax.tinybundles.core.TinyBundle;
import org.osgi.framework.Bundle;
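/**
 * Integration test for SLING-7268: a bundle whose initial content creates a
 * user and a group and defines access control entries (ACEs) for those
 * principals within the same transaction.
 *
 * <p>The tests check that the principals exist after the bundle has started
 * and that the ACEs on the loaded folder name the expected principals, carry
 * the expected privileges and are allow entries.
 */
@RunWith(PaxExam.class)
public class SLING7268InitialContentIT extends ContentBundleTestBase {

    /** Principal name of the user that the initial content is expected to create. */
    private static final String TEST_USER = "sling7268_user";

    /** Principal name of the group that the initial content is expected to create. */
    private static final String TEST_GROUP = "sling7268_group";

    /**
     * Configures the test bundle so that {@code SLING-7268.json} is loaded as
     * initial content below {@code contentRootPath}.
     *
     * @param b the bundle under construction
     * @return the same bundle, with the initial-content header and content added
     * @throws IOException declared by the signature; raised by the content helper, if at all
     */
    protected TinyBundle setupTestBundle(TinyBundle b) throws IOException {
        b.set(SLING_INITIAL_CONTENT_HEADER, DEFAULT_PATH_IN_BUNDLE + ";path:=" + contentRootPath);
        addContent(b, DEFAULT_PATH_IN_BUNDLE, "SLING-7268.json");
        return b;
    }

    /** Verifies that the test bundle was found and reached the ACTIVE state. */
    @Test
    @Retry(intervalMsec=RETRY_INTERVAL, timeoutMsec=RETRY_TIMEOUT)
    public void bundleStarted() {
        final Bundle b = PaxExamUtilities.findBundle(bundleContext, bundleSymbolicName);
        assertNotNull("Expecting bundle to be found:" + bundleSymbolicName, b);
        assertEquals("Expecting bundle to be active:" + bundleSymbolicName, Bundle.ACTIVE, b.getState());
    }

    /** Verifies that the initial content created the {@code sling:Folder} node. */
    @Test
    @Retry(intervalMsec=RETRY_INTERVAL, timeoutMsec=RETRY_TIMEOUT)
    public void initialContentInstalled() throws RepositoryException {
        final String folderPath = contentRootPath + "/SLING-7268";
        assertTrue("Expecting initial content to be installed", session.itemExists(folderPath));
        assertEquals("folder has node type 'sling:Folder'", "sling:Folder",
                session.getNode(folderPath).getPrimaryNodeType().getName());
    }

    /** Verifies that the initial content created the test user. */
    @Test
    @Retry(intervalMsec=RETRY_INTERVAL, timeoutMsec=RETRY_TIMEOUT)
    public void userCreated() throws RepositoryException {
        UserManager userManager = AccessControlUtil.getUserManager(session);
        Authorizable authorizable = userManager.getAuthorizable(TEST_USER);
        assertNotNull("Expecting test user to exist", authorizable);
    }

    /**
     * Verifies that the initial content created the test group and that the
     * first member reported for it is the test user.
     */
    @Test
    @Retry(intervalMsec=RETRY_INTERVAL, timeoutMsec=RETRY_TIMEOUT)
    public void groupCreated() throws RepositoryException {
        UserManager userManager = AccessControlUtil.getUserManager(session);
        Authorizable authorizable = userManager.getAuthorizable(TEST_GROUP);
        assertNotNull("Expecting test group to exist", authorizable);
        assertTrue("Expecting " + TEST_GROUP + " to be a group", authorizable instanceof Group);

        Iterator<Authorizable> members = ((Group) authorizable).getMembers();
        assertTrue("Expecting test group to have at least one member", members.hasNext());
        Authorizable firstMember = members.next();
        assertEquals("Expecting test user to be a member of the test group", TEST_USER, firstMember.getID());
    }

    /**
     * Verifies the access control list on the loaded folder: exactly three
     * ACEs, one each for the test user, the test group and {@code everyone},
     * each an allow entry with exactly the expected privileges.
     */
    @Test
    @Retry(intervalMsec=RETRY_INTERVAL, timeoutMsec=RETRY_TIMEOUT)
    public void aceCreated() throws RepositoryException {
        final String folderPath = contentRootPath + "/SLING-7268";
        assertTrue("Expecting test folder to exist", session.itemExists(folderPath));

        AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
        AccessControlPolicy[] policies = accessControlManager.getPolicies(folderPath);

        // Flatten the entries of every ACL-type policy bound to the folder.
        List<AccessControlEntry> allEntries = new ArrayList<>();
        for (AccessControlPolicy policy : policies) {
            if (policy instanceof AccessControlList) {
                for (AccessControlEntry entry : ((AccessControlList) policy).getAccessControlEntries()) {
                    allEntries.add(entry);
                }
            }
        }
        // An exact count also catches entries for principals the content did not ask for.
        assertEquals("Expecting exactly three ACEs on " + folderPath, 3, allEntries.size());

        Map<String, AccessControlEntry> aceMap = new HashMap<>();
        for (AccessControlEntry entry : allEntries) {
            aceMap.put(entry.getPrincipal().getName(), entry);
        }

        assertAllowAce(aceMap, TEST_USER, "jcr:read", "jcr:write");
        assertAllowAce(aceMap, TEST_GROUP, "jcr:modifyAccessControl");
        assertAllowAce(aceMap, "everyone", "jcr:read");
    }

    /**
     * Asserts that {@code aceMap} holds an allow entry for {@code principalName}
     * carrying exactly {@code expectedPrivileges}.
     *
     * @param aceMap ACEs of the node under test, keyed by principal name
     * @param principalName the principal whose entry is checked
     * @param expectedPrivileges the privilege names the entry must carry
     * @throws RepositoryException if the repository fails while the entry is inspected
     */
    private static void assertAllowAce(Map<String, AccessControlEntry> aceMap, String principalName,
            String... expectedPrivileges) throws RepositoryException {
        AccessControlEntry ace = aceMap.get(principalName);
        assertNotNull("Expected ACE for " + principalName, ace);
        assertEquals(principalName, ace.getPrincipal().getName());

        // Privilege names alone do not distinguish an allow entry from a deny
        // entry, so the effect of the entry is asserted explicitly.
        assertTrue("Expecting ACE for " + principalName + " to be an allow entry",
                AccessControlUtil.isAllow(ace));

        Privilege[] privileges = ace.getPrivileges();
        assertNotNull("Expecting privileges on ACE for " + principalName, privileges);
        // The length check rejects any privilege beyond the expected ones.
        assertEquals("Unexpected number of privileges on ACE for " + principalName,
                expectedPrivileges.length, privileges.length);

        Set<String> privilegeNames = new HashSet<>();
        for (Privilege privilege : privileges) {
            privilegeNames.add(privilege.getName());
        }
        for (String expected : expectedPrivileges) {
            assertTrue("Expecting granted " + expected + " privilege for " + principalName,
                    privilegeNames.contains(expected));
        }
    }
}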