EntryTest.java example

Explorer
jackrabbit-master
- jackrabbit-trunk
/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.jackrabbit.core.security.authorization.acl;

import java.security.Principal;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.jcr.AccessDeniedException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.Value;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;

import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.id.NodeId;
import org.apache.jackrabbit.core.security.authorization.AbstractEvaluationTest;
import org.apache.jackrabbit.test.NotExecutableException;

/**
 * <code>EntryTest</code>...
 */
public class EntryTest extends AbstractEvaluationTest {

    private String testPath;
    private JackrabbitAccessControlList acl;

    protected void setUp() throws Exception {
        super.setUp();
        testPath = testRootNode.getPath();
    }

    @Override
    protected void tearDown() throws Exception {
        try {
            acMgr.removePolicy(testPath, acl);
            superuser.save();
        } finally {
            super.tearDown();
        }
    }

    @Override
    protected boolean isExecutable() {
        return EvaluationUtil.isExecutable(acMgr);
    }

    @Override
    protected JackrabbitAccessControlList getPolicy(AccessControlManager acM, String path, Principal principal) throws RepositoryException, AccessDeniedException, NotExecutableException {
        return EvaluationUtil.getPolicy(acM, path, principal);
    }

    @Override
    protected Map<String, Value> getRestrictions(Session s, String path) {
        return Collections.emptyMap();
    }

    public void testIsLocal() throws NotExecutableException, RepositoryException {
        acl = getPolicy(acMgr, testPath, testUser.getPrincipal());
        modifyPrivileges(testPath, Privilege.JCR_READ, true);

        NodeImpl aclNode = (NodeImpl) superuser.getNode(acl.getPath() + "/rep:policy");
        List<Entry> entries = Entry.readEntries(aclNode, testRootNode.getPath());
        assertTrue(!entries.isEmpty());
        assertEquals(1, entries.size());

        Entry entry = entries.iterator().next();
        // false since acl has been created from path only -> no id
        assertTrue(entry.isLocal(((NodeImpl) testRootNode).getNodeId()));
        // false since internal id is null -> will never match.
        assertFalse(entry.isLocal(NodeId.randomId()));
    }

    public void testRestrictions() throws RepositoryException, NotExecutableException {
        // test if restrictions with expanded name are properly resolved
        Map<String, Value> restrictions = new HashMap<String,Value>();
        restrictions.put(ACLTemplate.P_GLOB.toString(), superuser.getValueFactory().createValue("*/test"));

        acl = getPolicy(acMgr, testPath, testUser.getPrincipal());
        acl.addEntry(testUser.getPrincipal(), new Privilege[] {acMgr.privilegeFromName(Privilege.JCR_ALL)}, true, restrictions);
        acMgr.setPolicy(testPath, acl);
        superuser.save();

        Map<String, Boolean> toMatch = new HashMap<String, Boolean>();
        toMatch.put(acl.getPath(), false);
        toMatch.put(acl.getPath() + "test", false);

        toMatch.put(acl.getPath() + "/test", true);
        toMatch.put(acl.getPath() + "/something/test", true);
        toMatch.put(acl.getPath() + "de/test", true);

        NodeImpl aclNode = (NodeImpl) superuser.getNode(acl.getPath() + "/rep:policy");
        List<Entry> entries = Entry.readEntries(aclNode, testRootNode.getPath());
        assertTrue(!entries.isEmpty());
        assertEquals(1, entries.size());

        Entry entry = entries.iterator().next();
        for (String str : toMatch.keySet()) {
            assertEquals("Path to match : " + str, toMatch.get(str).booleanValue(), entry.matches(str));
        }
    }
}