/** * Combination of {@link #getChild(String)} and {@link #addChild(String, String)} * in case no tree exists with the specified name. * * @param name The name of the child item. * @param primaryTypeName The name of the primary node type. * @return The new child node with the specified name and primary type. * @throws AccessDeniedException If the child does not exist after creation. */ @NotNull public NodeUtil getOrAddChild(String name, String primaryTypeName) throws AccessDeniedException { NodeUtil child = getChild(name); return (child != null) ? child : addChild(name, primaryTypeName); }
@Test public void testInvalidRestriction() throws Exception { NodeUtil restriction = createAcl().getChild(aceName).getChild(REP_RESTRICTIONS); restriction.setString("invalid", "value"); try { root.commit(); fail("Creating an unsupported restriction should fail."); } catch (CommitFailedException e) { // success assertTrue(e.isAccessControlViolation()); assertThat(e.getMessage(), containsString("/testRoot/rep:policy")); } }
@Test public void testRestrictionWithInvalidType() throws Exception { NodeUtil restriction = createAcl().getChild(aceName).getChild(REP_RESTRICTIONS); restriction.setName(REP_GLOB, "rep:glob"); try { root.commit(); fail("Creating restriction with invalid type should fail."); } catch (CommitFailedException e) { // success assertTrue(e.isAccessControlViolation()); assertThat(e.getMessage(), containsString("/testRoot/rep:policy")); } }
@Test public void testAddRestrictionWithAcContent() throws Exception { NodeUtil acl = createAcl(); NodeUtil ace = acl.getChild(aceName); NodeUtil[] acContent = new NodeUtil[]{acl, ace.getChild(REP_RESTRICTIONS)}; for (NodeUtil node : acContent) { NodeUtil entry = node.addChild("invalidRestriction", NT_REP_RESTRICTIONS); try { root.commit(); fail("Adding an ACE below an ACE or restriction should fail"); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertThat(e.getMessage(), containsString("/testRoot/rep:policy")); } finally { entry.getTree().remove(); } } }
@Test public void testAddRepoPolicyWithAcContent() throws Exception { NodeUtil acl = createAcl(); NodeUtil ace = acl.getChild(aceName); NodeUtil[] acContent = new NodeUtil[]{acl, ace, ace.getChild(REP_RESTRICTIONS)}; for (NodeUtil node : acContent) { NodeUtil policy = node.addChild(REP_REPO_POLICY, NT_REP_ACL); try { root.commit(); fail("Adding an ACL below access control content should fail"); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertThat(e.getMessage(), containsString("/testRoot/rep:policy")); } finally { policy.getTree().remove(); } } }
@Test public void testAddPolicyWithAcContent() throws Exception { NodeUtil acl = createAcl(); NodeUtil ace = acl.getChild(aceName); NodeUtil[] acContent = new NodeUtil[]{acl, ace, ace.getChild(REP_RESTRICTIONS)}; for (NodeUtil node : acContent) { NodeUtil policy = node.addChild(REP_POLICY, NT_REP_ACL); try { root.commit(); fail("Adding an ACL below access control content should fail"); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertThat(e.getMessage(), containsString("/testRoot/rep:policy")); } finally { policy.getTree().remove(); } } }
@Test public void testAddAceWithAcContent() throws Exception { NodeUtil acl = createAcl(); NodeUtil ace = acl.getChild(aceName); NodeUtil[] acContent = new NodeUtil[]{ace, ace.getChild(REP_RESTRICTIONS)}; for (NodeUtil node : acContent) { NodeUtil entry = node.addChild("invalidACE", NT_REP_DENY_ACE); try { root.commit(); fail("Adding an ACE below an ACE or restriction should fail"); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertThat(e.getMessage(), containsString("/testRoot/rep:policy/validAce")); } finally { entry.getTree().remove(); } } }
@Test public void testValidateRestrictionsWrongType() throws Exception { Restriction mand = restrictionProvider.createRestriction(testPath, "mandatory", valueFactory.createValue(true)); try { Tree ace = getAceTree(mand); new NodeUtil(ace).getChild(REP_RESTRICTIONS).setBoolean(REP_GLOB, true); restrictionProvider.validateRestrictions(testPath, ace); fail("wrong type with restriction 'rep:glob"); } catch (AccessControlException e) { // success } }
@Test public void testValidateRestrictionsUnsupportedRestriction() throws Exception { Restriction mand = restrictionProvider.createRestriction(testPath, "mandatory", valueFactory.createValue(true)); try { Tree ace = getAceTree(mand); new NodeUtil(ace).getChild(REP_RESTRICTIONS).setString("Unsupported", "value"); restrictionProvider.validateRestrictions(testPath, ace); fail("wrong type with restriction 'rep:glob"); } catch (AccessControlException e) { // success } }
target = target.getParent(); } else if (target.hasChild(segment)) { target = target.getChild(segment); } else if (!PathUtils.denotesCurrent(segment)) { target = target.addChild(segment, primaryTypeName);
@Test public void testChangePrimaryTypeToPolicyNode() throws Exception { testRootNode.getChild("child").addChild(AccessControlConstants.REP_POLICY, NT_UNSTRUCTURED); root.commit();