@Test public void testCalculatePermissionsParentAwareAllow() { PrivilegeBitsProvider provider = new PrivilegeBitsProvider(Mockito.mock(Root.class)); // parent aware permissions // a) jcr:addChildNodes PrivilegeBits addChild = provider.getBits(JCR_ADD_CHILD_NODES); assertFalse(Permissions.ADD_NODE == PrivilegeBits.calculatePermissions(addChild, PrivilegeBits.EMPTY, true)); assertTrue(Permissions.ADD_NODE == PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, addChild, true)); // b) jcr:removeChildNodes and jcr:removeNode PrivilegeBits removeChild = provider.getBits(JCR_REMOVE_CHILD_NODES); assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(removeChild, PrivilegeBits.EMPTY, true)); assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, removeChild, true)); PrivilegeBits removeNode = provider.getBits(JCR_REMOVE_NODE); assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(removeNode, PrivilegeBits.EMPTY, true)); assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, removeNode, true)); PrivilegeBits remove = provider.getBits(JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE); assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(remove, PrivilegeBits.EMPTY, true)); assertFalse(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, remove, true)); assertTrue(Permissions.REMOVE_NODE == PrivilegeBits.calculatePermissions(remove, remove, true)); }
@Test public void testCalculatePermissionsAll() { PrivilegeBits all = bitsProvider.getBits(JCR_ALL); assertFalse(Permissions.ALL == PrivilegeBits.calculatePermissions(all, PrivilegeBits.EMPTY, true)); assertTrue(Permissions.ALL == PrivilegeBits.calculatePermissions(all, all, true)); }
@Test public void testCalculatePermissionsParentAwareDeny() { PrivilegeBitsProvider provider = new PrivilegeBitsProvider(Mockito.mock(Root.class)); // parent aware permissions // a) jcr:addChildNodes PrivilegeBits addChild = provider.getBits(JCR_ADD_CHILD_NODES); assertNotEquals(Permissions.ADD_NODE, PrivilegeBits.calculatePermissions(addChild, PrivilegeBits.EMPTY, false)); assertEquals(Permissions.ADD_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, addChild, false)); // b) jcr:removeChildNodes and jcr:removeNode PrivilegeBits removeChild = provider.getBits(JCR_REMOVE_CHILD_NODES); assertEquals(Permissions.NO_PERMISSION, PrivilegeBits.calculatePermissions(removeChild, PrivilegeBits.EMPTY, false)); assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, removeChild, false)); PrivilegeBits removeNode = provider.getBits(JCR_REMOVE_NODE); assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(removeNode, PrivilegeBits.EMPTY, false)); assertNotEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, removeNode, false)); PrivilegeBits remove = provider.getBits(JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE); assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(remove, PrivilegeBits.EMPTY, false)); assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(PrivilegeBits.EMPTY, remove, false)); assertEquals(Permissions.REMOVE_NODE, PrivilegeBits.calculatePermissions(remove, remove, false)); }
for (PrivilegeBits pb : simple.keySet()) { long expected = simple.get(pb).longValue(); assertTrue(expected == PrivilegeBits.calculatePermissions(pb, PrivilegeBits.EMPTY, true)); assertTrue(expected == PrivilegeBits.calculatePermissions(pb, pb, true)); assertTrue(permissions == PrivilegeBits.calculatePermissions(add_change, PrivilegeBits.EMPTY, true)); assertTrue(permissions == PrivilegeBits.calculatePermissions(add_change, add_change, true)); assertTrue(permissions == PrivilegeBits.calculatePermissions(add_rm, PrivilegeBits.EMPTY, true)); assertTrue(permissions == PrivilegeBits.calculatePermissions(add_rm, add_rm, true)); assertTrue(permissions == PrivilegeBits.calculatePermissions(ch_rm, PrivilegeBits.EMPTY, true)); assertTrue(permissions == PrivilegeBits.calculatePermissions(ch_rm, add_rm, true));
allowBits.addDifference(entry.privilegeBits, denyBits); long ap = PrivilegeBits.calculatePermissions(allowBits, parentAllowBits, true); allows |= Permissions.diff(ap, denies); if ((allows | ~permissions) == -1) { denyBits.addDifference(entry.privilegeBits, allowBits); long dp = PrivilegeBits.calculatePermissions(denyBits, parentDenyBits, false); denies |= Permissions.diff(dp, allows); if (Permissions.includes(denies, permissions)) {
allowBits.addDifference(entry.privilegeBits, denyBits); long ap = PrivilegeBits.calculatePermissions(allowBits, parentAllowBits, true); allows |= Permissions.diff(ap, denies); if ((allows | ~permissions) == -1) { denyBits.addDifference(entry.privilegeBits, allowBits); long dp = PrivilegeBits.calculatePermissions(denyBits, parentDenyBits, false); denies |= Permissions.diff(dp, allows); if (Permissions.includes(denies, permissions)) {
allowBits.addDifference(entry.privilegeBits, denyBits); long ap = PrivilegeBits.calculatePermissions(allowBits, parentAllowBits, true); allows |= Permissions.diff(ap, denies); if ((allows | ~permissions) == -1) { denyBits.addDifference(entry.privilegeBits, allowBits); long dp = PrivilegeBits.calculatePermissions(denyBits, parentDenyBits, false); denies |= Permissions.diff(dp, allows); if (Permissions.includes(denies, permissions)) {