static void createCug(@NotNull Root root, @NotNull String path, @NotNull String principalName) throws RepositoryException { Tree tree = root.getTree(path); Preconditions.checkState(tree.exists()); TreeUtil.addMixin(tree, MIX_REP_CUG_MIXIN, root.getTree(NODE_TYPES_PATH), null); new NodeUtil(tree).addChild(REP_CUG_POLICY, NT_REP_CUG_POLICY).setStrings(REP_PRINCIPAL_NAMES, principalName); }
@Test public void testModifyExternalPrincipalNamesAsSystem() throws Exception { Root systemRoot = getSystemRoot(); NodeUtil n = new NodeUtil(systemRoot.getTree(externalUserPath)); // changing with system root must succeed n.setStrings(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES, "principalNames"); systemRoot.commit(); }
@Override @Test public void testRepExternalIdMultiple() throws Exception { Root systemRoot = getSystemRoot(); NodeUtil n = new NodeUtil(systemRoot.getTree(testUserPath)); n.setStrings(ExternalIdentityConstants.REP_EXTERNAL_ID, "id", "id2"); systemRoot.commit(); }
@Test public void testAddExternalPrincipalNamesAsSystem() throws Exception { Root systemRoot = getSystemRoot(); NodeUtil n = new NodeUtil(systemRoot.getTree(testUserPath)); n.setString(ExternalIdentityConstants.REP_EXTERNAL_ID, "externalId"); n.setStrings(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES, "principalName"); systemRoot.commit(); }
@Test public void testNotIsDeclaredMemberMissingMembersProperty() throws Exception { Tree grTree = getTree(createGroup()); Tree memberTree = getTree(createUser()); NodeUtil memberList = new NodeUtil(grTree).addChild(REP_MEMBERS_LIST, NT_REP_MEMBER_REFERENCES_LIST); memberList.addChild("member1", NT_REP_MEMBER_REFERENCES).setStrings(REP_MEMBERS, getContentID("another")); assertFalse(mp.isDeclaredMember(grTree, memberTree)); }
@Test public void testIsDeclaredMemberMissingMembersProperty() throws Exception { Tree grTree = getTree(createGroup()); Tree memberTree = getTree(createUser()); NodeUtil memberList = new NodeUtil(grTree).addChild(REP_MEMBERS_LIST, NT_REP_MEMBER_REFERENCES_LIST); memberList.addChild("member1", NT_REP_MEMBER_REFERENCES).setStrings(REP_MEMBERS, getContentID(memberTree)); assertTrue(mp.isDeclaredMember(grTree, memberTree)); }
@Test public void testGetPoliciesAfterManualCreation() throws Exception { NodeUtil n = new NodeUtil(root.getTree(SUPPORTED_PATH)); NodeUtil cug = n.addChild(REP_CUG_POLICY, NT_REP_CUG_POLICY); AccessControlPolicy[] policies = cugAccessControlManager.getPolicies(SUPPORTED_PATH); assertEquals(1, policies.length); assertTrue(policies[0] instanceof CugPolicy); CugPolicy cugPolicy = (CugPolicy) policies[0]; assertTrue(cugPolicy.getPrincipals().isEmpty()); cug.setStrings(REP_PRINCIPAL_NAMES, "unknownPrincipalName", EveryonePrincipal.NAME); policies = cugAccessControlManager.getPolicies(SUPPORTED_PATH); cugPolicy = (CugPolicy) policies[0]; assertEquals(2, cugPolicy.getPrincipals().size()); }
@Test public void testAddExternalPrincipalNames() { Tree userTree = root.getTree(testUserPath); NodeUtil userNode = new NodeUtil(userTree); try { userNode.setStrings(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES, "principalName"); root.commit(); fail("Creating rep:externalPrincipalNames must be detected."); } catch (CommitFailedException e) { // success assertEquals(70, e.getCode()); } finally { root.refresh(); } }
@Test public void testAddExternalPrincipalNamesAsSystemMissingExternalId() throws Exception { Root systemRoot = getSystemRoot(); try { NodeUtil n = new NodeUtil(systemRoot.getTree(testUserPath)); n.setStrings(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES, "principalName"); systemRoot.commit(); fail("Creating rep:externalPrincipalNames without rep:externalId must be detected."); } catch (CommitFailedException e) { // success assertEquals(72, e.getCode()); } finally { systemRoot.refresh(); } }
@Test public void testRepExternalIdMultiple() throws Exception { Root systemRoot = getSystemRoot(); try { NodeUtil n = new NodeUtil(systemRoot.getTree(testUserPath)); n.setStrings(ExternalIdentityConstants.REP_EXTERNAL_ID, "id", "id2"); systemRoot.commit(); fail("Creating rep:externalId as multiple STRING property must be detected."); } catch (CommitFailedException e) { // success assertEquals(75, e.getCode()); } finally { systemRoot.refresh(); } }
@Test public void testMissingMixin() throws Exception { NodeUtil cug = node.addChild(REP_CUG_POLICY, NT_REP_CUG_POLICY); cug.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); try { root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(22, e.getCode()); } finally { root.refresh(); } }
@Test public void testInvalidPrimaryType() throws Exception { NodeUtil cug = node.addChild(REP_CUG_POLICY, NodeTypeConstants.NT_OAK_UNSTRUCTURED); cug.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); try { root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(21, e.getCode()); } finally { root.refresh(); } }
@Test public void testChangePrimaryType() { node = new NodeUtil(root.getTree(SUPPORTED_PATH2)); try { node.setName(JcrConstants.JCR_PRIMARYTYPE, NT_REP_CUG_POLICY); node.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(20, e.getCode()); } }
@Test public void testReadRestrictions() throws Exception { NodeUtil aceNode = new NodeUtil(root.getTree("/")).addChild("test", NT_REP_GRANT_ACE); aceNode.setBoolean("boolean", true); aceNode.setValues("longs", new Value[] {vf.createValue(10), vf.createValue(290)}); aceNode.setString(REP_GLOB, "*"); aceNode.setNames(REP_NT_NAMES); // empty array aceNode.setString("invalid", "val"); aceNode.setStrings("invalid2", "val1", "val2", "val3"); Set<Restriction> restrictions = provider.readRestrictions("/test", aceNode.getTree()); assertEquals(4, restrictions.size()); for (Restriction r : restrictions) { String name = r.getDefinition().getName(); if (!supported.contains(name)) { fail("read unsupported restriction"); } } }
@Test public void testCugPolicyWithDifferentName() throws Exception { node.setNames(JcrConstants.JCR_MIXINTYPES, MIX_REP_CUG_MIXIN); NodeUtil cug = node.addChild("anotherName", NT_REP_CUG_POLICY); cug.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); try { root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(23, e.getCode()); } finally { root.refresh(); } }
@Test public void testChangePrimaryTypeOfCug() throws Exception { node.setNames(JcrConstants.JCR_MIXINTYPES, MIX_REP_CUG_MIXIN); NodeUtil cug = node.addChild(REP_CUG_POLICY, NT_REP_CUG_POLICY); cug.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); root.commit(); try { cug.setName(JcrConstants.JCR_PRIMARYTYPE, NodeTypeConstants.NT_OAK_UNSTRUCTURED); root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(21, e.getCode()); } }
@Test public void testRemoveMixin() throws Exception { node.setNames(JcrConstants.JCR_MIXINTYPES, MIX_REP_CUG_MIXIN); NodeUtil cug = node.addChild(REP_CUG_POLICY, NT_REP_CUG_POLICY); cug.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); root.commit(); try { node.removeProperty(JcrConstants.JCR_MIXINTYPES); root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(22, e.getCode()); } finally { root.refresh(); } }
rNode.setStrings(REP_GLOB, "*", "/jcr:content"); try { provider.validateRestrictions("/test", aceNode.getTree());