SLING-9901 - Add system user tests to JcrSystemUserValidatorTest (#10) * SLING-9901 - switch to Sling Mocks to run tests on an Oak repository * SLING-9901 : JcrSystemUserValidatorTest contains not tests for system users * SLING-9901 - use activate() method and comment on caching code paths Co-authored-by: angela <anchela@adobe.com>

commit: 942875aef2bc28df5af4f8c414cbe41155d9ad9d [log] [tgz]
author: Bertrand Delacretaz <bdelacretaz@apache.org> Wed Nov 18 10:58:17 2020 +0100
committer: GitHub <noreply@github.com> Wed Nov 18 10:58:17 2020 +0100
tree: db3adeee27ecde893ddb37e8cf3d4d83ce938726
parent: a263cc313ec24c05cdc79c9a2eb5a9fe3d14240d [diff]
diff --git a/pom.xml b/pom.xml
index 94a24b1..aa47b79 100644
--- a/pom.xml
+++ b/pom.xml

@@ -182,7 +182,7 @@
         <dependency>
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.scripting.api</artifactId>
-            <version>2.1.0</version>
+            <version>2.2.0</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
@@ -238,6 +238,23 @@
             <scope>test</scope>
         </dependency>
         <dependency>
+            <groupId>org.apache.sling</groupId>
+            <artifactId>org.apache.sling.testing.sling-mock</artifactId>
+            <version>2.6.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.sling</groupId>
+            <artifactId>org.apache.sling.testing.sling-mock-oak</artifactId>
+            <version>2.1.10-1.16.0</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.osgi</groupId>
+            <artifactId>osgi.cmpn</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
             <groupId>junit-addons</groupId>
             <artifactId>junit-addons</artifactId>
             <version>1.4</version>

diff --git a/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java b/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java
index ae36024..6a9c3bd 100644
--- a/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java
+++ b/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java

@@ -16,158 +16,159 @@
  */
 package org.apache.sling.jcr.resource.internal;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.annotation.Annotation;
 import java.lang.reflect.Field;
 import java.util.Collections;
 
-import javax.jcr.Credentials;
-import javax.jcr.LoginException;
-import javax.jcr.NoSuchWorkspaceException;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
-import javax.jcr.Value;
 import javax.naming.NamingException;
 
-import org.apache.sling.commons.testing.jcr.RepositoryTestBase;
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.sling.jcr.api.SlingRepository;
+import org.apache.sling.testing.mock.sling.ResourceResolverType;
+import org.apache.sling.testing.mock.sling.junit.SlingContext;
+import org.junit.After;
 import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
 
+public class JcrSystemUserValidatorTest {
 
-public class JcrSystemUserValidatorTest extends RepositoryTestBase {
-    
     private static final String GROUP_ADMINISTRATORS = "administrators";
-
+    private static final String SYSTEM_USER_ID = "test-system-user";
     private JcrSystemUserValidator jcrSystemUserValidator;
-    
+
+    private JackrabbitSession session;
+    private Group group;
+    private User systemUser;
+
+    @Rule
+    public final SlingContext context = new SlingContext(ResourceResolverType.JCR_OAK);
+
     @Before
-    public void setUp() throws IllegalArgumentException, IllegalAccessException, RepositoryException, NamingException, NoSuchFieldException, SecurityException {
+    public void setUp() throws IllegalArgumentException, IllegalAccessException, RepositoryException, NamingException,
+            NoSuchFieldException, SecurityException {
         jcrSystemUserValidator = new JcrSystemUserValidator();
-        Field repositoryField = jcrSystemUserValidator.getClass().getDeclaredField("repository");
+        final Field repositoryField = jcrSystemUserValidator.getClass().getDeclaredField("repository");
         repositoryField.setAccessible(true);
-        final SlingRepository delegate = getRepository();
 
-        SlingRepository repository = new SlingRepository() {
-            @Override
-            public String getDefaultWorkspace() {
-                return delegate.getDefaultWorkspace();
-            }
-
-            @Override
-            public Session loginAdministrative(String s) throws LoginException, RepositoryException {
-                return delegate.loginAdministrative(s);
-            }
-
-            @Override
-            public Session loginService(String s, String s1) throws LoginException, RepositoryException {
-                return delegate.loginAdministrative(s1);
-            }
-
-            @Override
-            public String[] getDescriptorKeys() {
-                return delegate.getDescriptorKeys();
-            }
-
-            @Override
-            public boolean isStandardDescriptor(String s) {
-                return delegate.isStandardDescriptor(s);
-            }
-
-            @Override
-            public boolean isSingleValueDescriptor(String s) {
-                return delegate.isSingleValueDescriptor(s);
-            }
-
-            @Override
-            public Value getDescriptorValue(String s) {
-                return delegate.getDescriptorValue(s);
-            }
-
-            @Override
-            public Value[] getDescriptorValues(String s) {
-                return delegate.getDescriptorValues(s);
-            }
-
-            @Override
-            public String getDescriptor(String s) {
-                return delegate.getDescriptor(s);
-            }
-
-            @Override
-            public Session login(Credentials credentials, String s) throws LoginException, NoSuchWorkspaceException, RepositoryException {
-                return delegate.login(credentials, s);
-            }
-
-            @Override
-            public Session login(Credentials credentials) throws LoginException, RepositoryException {
-                return delegate.login(credentials);
-            }
-
-            @Override
-            public Session login(String s) throws LoginException, NoSuchWorkspaceException, RepositoryException {
-                return delegate.login(s);
-            }
-
-            @Override
-            public Session login() throws LoginException, RepositoryException {
-                return delegate.login();
-            }
-        };
+        final SlingRepository repository = context.getService(SlingRepository.class);
+        assertEquals("Apache Jackrabbit Oak", repository.getDescriptor("jcr.repository.name"));
         repositoryField.set(jcrSystemUserValidator, repository);
+
+        session = (JackrabbitSession) context.resourceResolver().adaptTo(Session.class);
+        UserManager userManager = session.getUserManager();
+        group = userManager.createGroup(GROUP_ADMINISTRATORS);
+        systemUser = userManager.createSystemUser(SYSTEM_USER_ID, null);
+        if (session.hasPendingChanges()) {
+            session.save();
+        }
+    }
+
+    @After
+    public void after() throws Exception {
+        systemUser.remove();
+        group.remove();
+        session.save();
+    }
+
+    private void setAllowOnlySystemUsers(boolean allowOnlySystemUsers) throws Exception {
+        final JcrSystemUserValidator.Config config = new JcrSystemUserValidator.Config() {
+            @Override
+            public Class<? extends Annotation> annotationType() {
+                return null;
+            }
+
+            @Override
+            public boolean allow_only_system_user() {
+                return allowOnlySystemUsers;
+            }
+
+        };
+        jcrSystemUserValidator.activate(config);
     }
     
     @Test
     public void testIsValidWithEnforcementOfSystemUsersEnabled() throws Exception {
-        Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
-        allowOnlySystemUsersField.setAccessible(true);
-        allowOnlySystemUsersField.set(jcrSystemUserValidator, true);
+        setAllowOnlySystemUsers(true);
         
         //testing null user
         assertFalse(jcrSystemUserValidator.isValid((String) null, null, null));
         //testing not existing user     
         assertFalse(jcrSystemUserValidator.isValid("notExisting", null, null));
         //administrators group is not a valid user  (also not a system user)
-        assertFalse(jcrSystemUserValidator.isValid(GROUP_ADMINISTRATORS, null, null));
+        assertFalse(jcrSystemUserValidator.isValid(group.getID(), null, null));
+        // systemUser is valid
+        assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
     }
 
     @Test
     public void testIsValidPrincipalNamesWithEnforcementOfSystemUsersEnabled() throws Exception {
-        Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
-        allowOnlySystemUsersField.setAccessible(true);
-        allowOnlySystemUsersField.set(jcrSystemUserValidator, true);
+        setAllowOnlySystemUsers(true);
 
         //testing null principal names
         assertFalse(jcrSystemUserValidator.isValid((Iterable<String>) null, null, null));
         //testing not existing user
         assertFalse(jcrSystemUserValidator.isValid(Collections.singleton("notExisting"), null, null));
         //administrators group is not a valid user  (also not a system user)
-        assertFalse(jcrSystemUserValidator.isValid(Collections.singleton(GROUP_ADMINISTRATORS), null, null));
+        assertFalse(jcrSystemUserValidator.isValid(Collections.singleton(group.getPrincipal().getName()), null, null));
+        // systemUser is valid
+        assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
     }
     
     @Test
     public void testIsValidWithEnforcementOfSystemUsersDisabled() throws Exception {
-        Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
-        allowOnlySystemUsersField.setAccessible(true);
-        allowOnlySystemUsersField.set(jcrSystemUserValidator, false);
+        setAllowOnlySystemUsers(false);
         
         //testing null user
         assertFalse(jcrSystemUserValidator.isValid((String) null, null, null));
         //testing not existing user (is considered valid here)
         assertTrue(jcrSystemUserValidator.isValid("notExisting", null, null));
         // administrators group is not a user at all (but considered valid)
-        assertTrue(jcrSystemUserValidator.isValid(GROUP_ADMINISTRATORS, null, null));
+        assertTrue(jcrSystemUserValidator.isValid(group.getID(), null, null));
+        // systemUser is valid
+        assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
     }
 
     @Test
     public void testIsValidPrincipalNamesWithEnforcementOfSystemUsersDisabled() throws Exception {
-        Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
-        allowOnlySystemUsersField.setAccessible(true);
-        allowOnlySystemUsersField.set(jcrSystemUserValidator, false);
+        setAllowOnlySystemUsers(false);
 
         //testing null principal names
         assertFalse(jcrSystemUserValidator.isValid((Iterable<String>) null, null, null));
         //testing not existing user (is considered valid here)
         assertTrue(jcrSystemUserValidator.isValid(Collections.singleton("notExisting"), null, null));
         // administrators group is not a user at all (but considered valid)
-        assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(GROUP_ADMINISTRATORS), null, null));
+        assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(group.getPrincipal().getName()), null, null));
+        // systemUser is valid
+        assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
+    }
+
+    @Test
+    public void testIsValidIdTwice() throws Exception {
+        setAllowOnlySystemUsers(true);
+
+        // Validation information is cached internally - need to test twice
+        // to activate all code paths
+        assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
+        assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
+    }
+
+    @Test
+    public void testIsValidPrincipalNameTwice() throws Exception {
+        setAllowOnlySystemUsers(true);
+
+        // Validation information is cached internally - need to test twice
+        // to activate all code paths
+        assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
+        assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
     }
 }
commit	942875aef2bc28df5af4f8c414cbe41155d9ad9d	[log] [tgz]
author	Bertrand Delacretaz <bdelacretaz@apache.org>	Wed Nov 18 10:58:17 2020 +0100
committer	GitHub <noreply@github.com>	Wed Nov 18 10:58:17 2020 +0100
tree	db3adeee27ecde893ddb37e8cf3d4d83ce938726
parent	a263cc313ec24c05cdc79c9a2eb5a9fe3d14240d [diff]