SLING-9901 - Add system user tests to JcrSystemUserValidatorTest (#10)
* SLING-9901 - switch to Sling Mocks to run tests on an Oak repository
* SLING-9901 : JcrSystemUserValidatorTest contains not tests for system users
* SLING-9901 - use activate() method and comment on caching code paths
Co-authored-by: angela <anchela@adobe.com>
diff --git a/pom.xml b/pom.xml
index 94a24b1..aa47b79 100644
--- a/pom.xml
+++ b/pom.xml
@@ -182,7 +182,7 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.scripting.api</artifactId>
- <version>2.1.0</version>
+ <version>2.2.0</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -238,6 +238,23 @@
<scope>test</scope>
</dependency>
<dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.testing.sling-mock</artifactId>
+ <version>2.6.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.testing.sling-mock-oak</artifactId>
+ <version>2.1.10-1.16.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>osgi.cmpn</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
<groupId>junit-addons</groupId>
<artifactId>junit-addons</artifactId>
<version>1.4</version>
diff --git a/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java b/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java
index ae36024..6a9c3bd 100644
--- a/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java
+++ b/src/test/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidatorTest.java
@@ -16,158 +16,159 @@
*/
package org.apache.sling.jcr.resource.internal;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.annotation.Annotation;
import java.lang.reflect.Field;
import java.util.Collections;
-import javax.jcr.Credentials;
-import javax.jcr.LoginException;
-import javax.jcr.NoSuchWorkspaceException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import javax.jcr.Value;
import javax.naming.NamingException;
-import org.apache.sling.commons.testing.jcr.RepositoryTestBase;
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.jcr.api.SlingRepository;
+import org.apache.sling.testing.mock.sling.ResourceResolverType;
+import org.apache.sling.testing.mock.sling.junit.SlingContext;
+import org.junit.After;
import org.junit.Before;
+import org.junit.Rule;
import org.junit.Test;
+public class JcrSystemUserValidatorTest {
-public class JcrSystemUserValidatorTest extends RepositoryTestBase {
-
private static final String GROUP_ADMINISTRATORS = "administrators";
-
+ private static final String SYSTEM_USER_ID = "test-system-user";
private JcrSystemUserValidator jcrSystemUserValidator;
-
+
+ private JackrabbitSession session;
+ private Group group;
+ private User systemUser;
+
+ @Rule
+ public final SlingContext context = new SlingContext(ResourceResolverType.JCR_OAK);
+
@Before
- public void setUp() throws IllegalArgumentException, IllegalAccessException, RepositoryException, NamingException, NoSuchFieldException, SecurityException {
+ public void setUp() throws IllegalArgumentException, IllegalAccessException, RepositoryException, NamingException,
+ NoSuchFieldException, SecurityException {
jcrSystemUserValidator = new JcrSystemUserValidator();
- Field repositoryField = jcrSystemUserValidator.getClass().getDeclaredField("repository");
+ final Field repositoryField = jcrSystemUserValidator.getClass().getDeclaredField("repository");
repositoryField.setAccessible(true);
- final SlingRepository delegate = getRepository();
- SlingRepository repository = new SlingRepository() {
- @Override
- public String getDefaultWorkspace() {
- return delegate.getDefaultWorkspace();
- }
-
- @Override
- public Session loginAdministrative(String s) throws LoginException, RepositoryException {
- return delegate.loginAdministrative(s);
- }
-
- @Override
- public Session loginService(String s, String s1) throws LoginException, RepositoryException {
- return delegate.loginAdministrative(s1);
- }
-
- @Override
- public String[] getDescriptorKeys() {
- return delegate.getDescriptorKeys();
- }
-
- @Override
- public boolean isStandardDescriptor(String s) {
- return delegate.isStandardDescriptor(s);
- }
-
- @Override
- public boolean isSingleValueDescriptor(String s) {
- return delegate.isSingleValueDescriptor(s);
- }
-
- @Override
- public Value getDescriptorValue(String s) {
- return delegate.getDescriptorValue(s);
- }
-
- @Override
- public Value[] getDescriptorValues(String s) {
- return delegate.getDescriptorValues(s);
- }
-
- @Override
- public String getDescriptor(String s) {
- return delegate.getDescriptor(s);
- }
-
- @Override
- public Session login(Credentials credentials, String s) throws LoginException, NoSuchWorkspaceException, RepositoryException {
- return delegate.login(credentials, s);
- }
-
- @Override
- public Session login(Credentials credentials) throws LoginException, RepositoryException {
- return delegate.login(credentials);
- }
-
- @Override
- public Session login(String s) throws LoginException, NoSuchWorkspaceException, RepositoryException {
- return delegate.login(s);
- }
-
- @Override
- public Session login() throws LoginException, RepositoryException {
- return delegate.login();
- }
- };
+ final SlingRepository repository = context.getService(SlingRepository.class);
+ assertEquals("Apache Jackrabbit Oak", repository.getDescriptor("jcr.repository.name"));
repositoryField.set(jcrSystemUserValidator, repository);
+
+ session = (JackrabbitSession) context.resourceResolver().adaptTo(Session.class);
+ UserManager userManager = session.getUserManager();
+ group = userManager.createGroup(GROUP_ADMINISTRATORS);
+ systemUser = userManager.createSystemUser(SYSTEM_USER_ID, null);
+ if (session.hasPendingChanges()) {
+ session.save();
+ }
+ }
+
+ @After
+ public void after() throws Exception {
+ systemUser.remove();
+ group.remove();
+ session.save();
+ }
+
+ private void setAllowOnlySystemUsers(boolean allowOnlySystemUsers) throws Exception {
+ final JcrSystemUserValidator.Config config = new JcrSystemUserValidator.Config() {
+ @Override
+ public Class<? extends Annotation> annotationType() {
+ return null;
+ }
+
+ @Override
+ public boolean allow_only_system_user() {
+ return allowOnlySystemUsers;
+ }
+
+ };
+ jcrSystemUserValidator.activate(config);
}
@Test
public void testIsValidWithEnforcementOfSystemUsersEnabled() throws Exception {
- Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
- allowOnlySystemUsersField.setAccessible(true);
- allowOnlySystemUsersField.set(jcrSystemUserValidator, true);
+ setAllowOnlySystemUsers(true);
//testing null user
assertFalse(jcrSystemUserValidator.isValid((String) null, null, null));
//testing not existing user
assertFalse(jcrSystemUserValidator.isValid("notExisting", null, null));
//administrators group is not a valid user (also not a system user)
- assertFalse(jcrSystemUserValidator.isValid(GROUP_ADMINISTRATORS, null, null));
+ assertFalse(jcrSystemUserValidator.isValid(group.getID(), null, null));
+ // systemUser is valid
+ assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
}
@Test
public void testIsValidPrincipalNamesWithEnforcementOfSystemUsersEnabled() throws Exception {
- Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
- allowOnlySystemUsersField.setAccessible(true);
- allowOnlySystemUsersField.set(jcrSystemUserValidator, true);
+ setAllowOnlySystemUsers(true);
//testing null principal names
assertFalse(jcrSystemUserValidator.isValid((Iterable<String>) null, null, null));
//testing not existing user
assertFalse(jcrSystemUserValidator.isValid(Collections.singleton("notExisting"), null, null));
//administrators group is not a valid user (also not a system user)
- assertFalse(jcrSystemUserValidator.isValid(Collections.singleton(GROUP_ADMINISTRATORS), null, null));
+ assertFalse(jcrSystemUserValidator.isValid(Collections.singleton(group.getPrincipal().getName()), null, null));
+ // systemUser is valid
+ assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
}
@Test
public void testIsValidWithEnforcementOfSystemUsersDisabled() throws Exception {
- Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
- allowOnlySystemUsersField.setAccessible(true);
- allowOnlySystemUsersField.set(jcrSystemUserValidator, false);
+ setAllowOnlySystemUsers(false);
//testing null user
assertFalse(jcrSystemUserValidator.isValid((String) null, null, null));
//testing not existing user (is considered valid here)
assertTrue(jcrSystemUserValidator.isValid("notExisting", null, null));
// administrators group is not a user at all (but considered valid)
- assertTrue(jcrSystemUserValidator.isValid(GROUP_ADMINISTRATORS, null, null));
+ assertTrue(jcrSystemUserValidator.isValid(group.getID(), null, null));
+ // systemUser is valid
+ assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
}
@Test
public void testIsValidPrincipalNamesWithEnforcementOfSystemUsersDisabled() throws Exception {
- Field allowOnlySystemUsersField = jcrSystemUserValidator.getClass().getDeclaredField("allowOnlySystemUsers");
- allowOnlySystemUsersField.setAccessible(true);
- allowOnlySystemUsersField.set(jcrSystemUserValidator, false);
+ setAllowOnlySystemUsers(false);
//testing null principal names
assertFalse(jcrSystemUserValidator.isValid((Iterable<String>) null, null, null));
//testing not existing user (is considered valid here)
assertTrue(jcrSystemUserValidator.isValid(Collections.singleton("notExisting"), null, null));
// administrators group is not a user at all (but considered valid)
- assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(GROUP_ADMINISTRATORS), null, null));
+ assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(group.getPrincipal().getName()), null, null));
+ // systemUser is valid
+ assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
+ }
+
+ @Test
+ public void testIsValidIdTwice() throws Exception {
+ setAllowOnlySystemUsers(true);
+
+ // Validation information is cached internally - need to test twice
+ // to activate all code paths
+ assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
+ assertTrue(jcrSystemUserValidator.isValid(systemUser.getID(), null, null));
+ }
+
+ @Test
+ public void testIsValidPrincipalNameTwice() throws Exception {
+ setAllowOnlySystemUsers(true);
+
+ // Validation information is cached internally - need to test twice
+ // to activate all code paths
+ assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
+ assertTrue(jcrSystemUserValidator.isValid(Collections.singleton(systemUser.getPrincipal().getName()), null, null));
}
}