@Test public void testGetPermissionsOnAccessControlledNode() { TreeLocation tl = createNonExistingTreeLocation(PathUtils.ROOT_PATH + AccessControlConstants.REP_POLICY); Map<String, Long> map = new HashMap<>(); // read -> mapped to read-access-control map.put(Session.ACTION_READ, Permissions.READ_ACCESS_CONTROL); // all regular write -> mapped to modify-access-control (compatible and in // accordance to the previous behavior, where specifying an explicit // modify_access_control action was not possible. map.put(Session.ACTION_ADD_NODE, Permissions.MODIFY_ACCESS_CONTROL); map.put(Session.ACTION_REMOVE, Permissions.MODIFY_ACCESS_CONTROL); map.put(Session.ACTION_SET_PROPERTY, Permissions.MODIFY_ACCESS_CONTROL); map.put(JackrabbitSession.ACTION_ADD_PROPERTY, Permissions.MODIFY_ACCESS_CONTROL); map.put(JackrabbitSession.ACTION_MODIFY_PROPERTY, Permissions.MODIFY_ACCESS_CONTROL); map.put(JackrabbitSession.ACTION_REMOVE_PROPERTY, Permissions.MODIFY_ACCESS_CONTROL); map.put(JackrabbitSession.ACTION_REMOVE_NODE, Permissions.MODIFY_ACCESS_CONTROL); // all other actions are mapped to the corresponding permission without // testing for item being ac-content map.put(JackrabbitSession.ACTION_READ_ACCESS_CONTROL, Permissions.READ_ACCESS_CONTROL); map.put(JackrabbitSession.ACTION_MODIFY_ACCESS_CONTROL, Permissions.MODIFY_ACCESS_CONTROL); map.put(JackrabbitSession.ACTION_LOCKING, Permissions.LOCK_MANAGEMENT); map.put(JackrabbitSession.ACTION_VERSIONING, Permissions.VERSION_MANAGEMENT); map.put(JackrabbitSession.ACTION_USER_MANAGEMENT, Permissions.USER_MANAGEMENT); for (Map.Entry<String, Long> entry : map.entrySet()) { assertEquals(entry.getKey(), entry.getValue().longValue(), Permissions.getPermissions(entry.getKey(), tl, true)); } }
@Test public void testActionRemove() { TreeLocation treeLocation = TreeLocation.create(existingTree); assertNull(treeLocation.getProperty()); assertEquals(Permissions.REMOVE_NODE, Permissions.getPermissions(Session.ACTION_REMOVE, treeLocation, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_REMOVE, treeLocation, true)); TreeLocation nonExistingTree = createNonExistingTreeLocation("/nonExisting"); assertNull(nonExistingTree.getProperty()); assertEquals(Permissions.REMOVE, Permissions.getPermissions(Session.ACTION_REMOVE, nonExistingTree, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_REMOVE, nonExistingTree, true)); TreeLocation nonExistingProp = createNonExistingTreeLocation("/nonExisting").getChild("nonExisting"); assertNull(nonExistingProp.getProperty()); assertEquals(Permissions.REMOVE, Permissions.getPermissions(Session.ACTION_REMOVE, nonExistingProp, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_REMOVE, nonExistingProp, true)); TreeLocation existingProp = treeLocation.getChild(JcrConstants.JCR_PRIMARYTYPE); assertNotNull(existingProp.getProperty()); assertEquals(Permissions.REMOVE_PROPERTY, Permissions.getPermissions(Session.ACTION_REMOVE, existingProp, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, existingProp, true)); }
@Test public void testActionRead() { TreeLocation treeLocation = TreeLocation.create(existingTree); assertNull(treeLocation.getProperty()); assertEquals(Permissions.READ_NODE, Permissions.getPermissions(Session.ACTION_READ, treeLocation, false)); assertEquals(Permissions.READ_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_READ, treeLocation, true)); TreeLocation nonExistingTree = createNonExistingTreeLocation("/nonExisting"); assertNull(nonExistingTree.getProperty()); assertEquals(Permissions.READ, Permissions.getPermissions(Session.ACTION_READ, nonExistingTree, false)); assertEquals(Permissions.READ_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_READ, nonExistingTree, true)); TreeLocation nonExistingProp = createNonExistingTreeLocation("/nonExisting").getChild("nonExisting"); assertNull(nonExistingProp.getProperty()); assertEquals(Permissions.READ, Permissions.getPermissions(Session.ACTION_READ, nonExistingProp, false)); assertEquals(Permissions.READ_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_READ, nonExistingProp, true)); TreeLocation existingProp = treeLocation.getChild(JcrConstants.JCR_PRIMARYTYPE); assertNotNull(existingProp.getProperty()); assertEquals(Permissions.READ_PROPERTY, Permissions.getPermissions(Session.ACTION_READ, existingProp, false)); assertEquals(Permissions.READ_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_READ, existingProp, true)); }
@Test public void testActionSetProperty() { TreeLocation treeLocation = TreeLocation.create(existingTree); assertNull(treeLocation.getProperty()); assertEquals(Permissions.ADD_PROPERTY, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, treeLocation, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, treeLocation, true)); TreeLocation nonExistingTree = createNonExistingTreeLocation("/nonExisting"); assertNull(nonExistingTree.getProperty()); assertEquals(Permissions.ADD_PROPERTY, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, nonExistingTree, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, nonExistingTree, true)); TreeLocation nonExistingProp = createNonExistingTreeLocation("/nonExisting").getChild("nonExisting"); assertNull(nonExistingProp.getProperty()); assertEquals(Permissions.ADD_PROPERTY, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, nonExistingProp, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, nonExistingProp, true)); TreeLocation existingProp = treeLocation.getChild(JcrConstants.JCR_PRIMARYTYPE); assertNotNull(existingProp.getProperty()); assertEquals(Permissions.MODIFY_PROPERTY, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, existingProp, false)); assertEquals(Permissions.MODIFY_ACCESS_CONTROL, Permissions.getPermissions(Session.ACTION_SET_PROPERTY, existingProp, true)); }