public MailboxACL toMailboxAcl() { BinaryOperator<MailboxACL> union = Throwing.binaryOperator(MailboxACL::union); return rights.asMap() .entrySet() .stream() .map(entry -> new MailboxACL( ImmutableMap.of( EntryKey.createUserEntryKey(entry.getKey().value), toMailboxAclRights(entry.getValue())))) .reduce(MailboxACL.EMPTY, union); }
@Before public void setUp() throws Exception { u1u2g1g2Properties = new Properties(); u1u2g1g2Properties.setProperty(USER_1, aeik); u1u2g1g2Properties.setProperty(MailboxACL.DEFAULT_NEGATIVE_MARKER + USER_1, lprs); u1u2g1g2Properties.setProperty(USER_2, lprs); u1u2g1g2Properties.setProperty(MailboxACL.DEFAULT_NEGATIVE_MARKER + USER_2, twx); u1u2g1g2ACL = new MailboxACL(u1u2g1g2Properties); }
@Test public void propertiesConstructorShouldAcceptNullValues() throws Exception { assertThat(new MailboxACL((Properties) null)) .isEqualTo(MailboxACL.EMPTY); }
@Test public void toMailboxAclShouldReturnEmptyAclWhenEmpty() { Rights rights = Rights.EMPTY; assertThat(rights.toMailboxAcl()) .isEqualTo(new MailboxACL()); }
@Test public void fromACLShouldFilterNegatedUsers() throws Exception { MailboxACL acl = new MailboxACL(ImmutableMap.of( EntryKey.createUserEntryKey("user", NEGATIVE), Rfc4314Rights.fromSerializedRfc4314Rights("aet"))); assertThat(Rights.fromACL(acl)) .isEqualTo(Rights.EMPTY); }
@Test public void ofPositiveNameTypeShouldFilterOutNegativeEntries() throws Exception { MailboxACL mailboxACL = new MailboxACL( ImmutableMap.of(EntryKey.createUserEntryKey("user1", NEGATIVE), MailboxACL.FULL_RIGHTS)); assertThat(mailboxACL.ofPositiveNameType(NameType.user)) .isEmpty(); } }
@Test void deSerializeShouldAcceptDoubleRight() { assertThat(DTO_JSON_SERIALIZE.aclDiffReads().reads(Json.parse( "{\"oldACL\":{\"$any\":\"aa\"},\"newACL\":{}}")) .get().toJava()) .isEqualTo(new ACLDiff(new MailboxACL(ImmutableMap.of( new MailboxACL.EntryKey("any", MailboxACL.NameType.group, false), new MailboxACL.Rfc4314Rights(MailboxACL.Right.Administer))), new MailboxACL())); }
@Test void deSerializeShouldAcceptEmptyRight() { assertThat(DTO_JSON_SERIALIZE.aclDiffReads().reads(Json.parse( "{\"oldACL\":{\"$any\":\"\"},\"newACL\":{}}")) .get().toJava()) .isEqualTo(new ACLDiff(new MailboxACL(ImmutableMap.of( new MailboxACL.EntryKey("any", MailboxACL.NameType.group, false), new MailboxACL.Rfc4314Rights())), new MailboxACL())); }
@Test public void usersACLShouldReturnEmptyMapWhenNoUserEntry() { MailboxACL mailboxACL = new MailboxACL( ImmutableMap.of(EntryKey.createGroupEntryKey("group"), MailboxACL.FULL_RIGHTS, EntryKey.createGroupEntryKey("group2"), MailboxACL.NO_RIGHTS)); assertThat(mailboxACL.ofPositiveNameType(NameType.user)) .isEmpty(); }
@Test void saveShouldInsertNewEntry() { testee.update(MAILBOX_ID, ACLDiff.computeDiff( MailboxACL.EMPTY, new MailboxACL(new Entry(ENTRY_KEY, RIGHTS)))) .join(); assertThat(testee.retrieve(USER_NAME, MAILBOX_ID).join()) .contains(RIGHTS); }
@Test public void fromACLShouldAcceptUsers() throws Exception { MailboxACL acl = new MailboxACL(ImmutableMap.of( EntryKey.createUserEntryKey("user"), Rfc4314Rights.fromSerializedRfc4314Rights("aet"))); assertThat(Rights.fromACL(acl)) .isEqualTo(Rights.builder() .delegateTo(USERNAME, Right.Administer, Right.Expunge, Right.DeleteMessages) .build()); }
@Test public void fromACLShouldFilterOutUnknownRights() throws Exception { MailboxACL acl = new MailboxACL(ImmutableMap.of( EntryKey.createUserEntryKey("user"), Rfc4314Rights.fromSerializedRfc4314Rights("aetpk"))); assertThat(Rights.fromACL(acl)) .isEqualTo(Rights.builder() .delegateTo(USERNAME, Right.Administer, Right.Expunge, Right.DeleteMessages) .build()); }
@Test public void testExceptACLFull() throws UnsupportedRightException { Map<EntryKey, Rfc4314Rights> expectedEntries = new HashMap<>(u1u2g1g2ACL.getEntries()); expectedEntries.remove(EntryKey.deserialize(USER_1)); MailboxACL toRemove = new MailboxACL(new Entry(USER_1, MailboxACL.FULL_RIGHTS.serialize())); MailboxACL result = u1u2g1g2ACL.except(toRemove); Map<EntryKey, Rfc4314Rights> foundEntries = result.getEntries(); assertThat(foundEntries).isEqualTo(expectedEntries); }
@Test public void testUnionACLExisting() throws UnsupportedRightException { Map<EntryKey, Rfc4314Rights> expectedEntries = new HashMap<>(u1u2g1g2ACL.getEntries()); expectedEntries.put(EntryKey.deserialize(USER_1), Rfc4314Rights.fromSerializedRfc4314Rights(aeik + lprs)); MailboxACL toAdd = new MailboxACL(new Entry(USER_1, lprs)); MailboxACL result = u1u2g1g2ACL.union(toAdd); Map<EntryKey, Rfc4314Rights> foundEntries = result.getEntries(); assertThat(expectedEntries).isEqualTo(foundEntries); }
@Test public void testExceptACLExisting() throws UnsupportedRightException { Map<EntryKey, Rfc4314Rights> expectedEntries = new HashMap<>(u1u2g1g2ACL.getEntries()); expectedEntries.put(EntryKey.deserialize(USER_1), Rfc4314Rights.fromSerializedRfc4314Rights(ik)); MailboxACL toRemove = new MailboxACL(new Entry(USER_1, ae)); MailboxACL result = u1u2g1g2ACL.except(toRemove); Map<EntryKey, Rfc4314Rights> foundEntries = result.getEntries(); assertThat(foundEntries).isEqualTo(expectedEntries); }
@Test void replaceWhenNotStoredShouldUpdateACLEntry() throws MailboxException { MailboxACL.EntryKey key = new MailboxACL.EntryKey("bob", MailboxACL.NameType.user, false); MailboxACL.Rfc4314Rights rights = new MailboxACL.Rfc4314Rights(MailboxACL.Right.Read); cassandraACLMapper.updateACL(MAILBOX_ID, MailboxACL.command().key(key).rights(rights).asReplacement()); assertThat(cassandraACLMapper.getACL(MAILBOX_ID).join()).isEqualTo(new MailboxACL().union(key, rights)); }
@Test void addACLWhenNoneStoredShouldReturnUpdatedACL() throws Exception { MailboxACL.EntryKey key = new MailboxACL.EntryKey("bob", MailboxACL.NameType.user, false); MailboxACL.Rfc4314Rights rights = new MailboxACL.Rfc4314Rights(MailboxACL.Right.Read); cassandraACLMapper.updateACL(MAILBOX_ID, MailboxACL.command().key(key).rights(rights).asAddition()); assertThat(cassandraACLMapper.getACL(MAILBOX_ID).join()) .isEqualTo(new MailboxACL().union(key, rights)); }
@Test void updateInvalidACLShouldBeBasedOnEmptyACL(CassandraCluster cassandra) throws Exception { cassandra.getConf().execute( insertInto(CassandraACLTable.TABLE_NAME) .value(CassandraACLTable.ID, MAILBOX_ID.asUuid()) .value(CassandraACLTable.ACL, "{\"entries\":{\"bob\":invalid}}") .value(CassandraACLTable.VERSION, 1)); MailboxACL.EntryKey key = new MailboxACL.EntryKey("bob", MailboxACL.NameType.user, false); MailboxACL.Rfc4314Rights rights = new MailboxACL.Rfc4314Rights(MailboxACL.Right.Read); cassandraACLMapper.updateACL(MAILBOX_ID, MailboxACL.command().key(key).rights(rights).asAddition()); assertThat(cassandraACLMapper.getACL(MAILBOX_ID).join()).isEqualTo(new MailboxACL().union(key, rights)); }
@Test public void eventShouldNotUpdateNewParentWhenRenameMailboxWhichDoesContainLookupRight() throws Exception { Mailbox childMailbox = mailboxMapper.getMailboxMapper(mailboxSession).findMailboxById(childMailboxId); mailboxMapper.getMailboxMapper(mailboxSession).setACL(childMailbox, new MailboxACL( new Entry(SHARED_USER_KEY, new Rfc4314Rights(Right.Write)))); storeMailboxManager.renameMailbox(CHILD_MAILBOX, MailboxPath.forUser(OWNER_USER, "shared1.sub1New"), mailboxSession); MailboxACL actualACL = storeMailboxManager.getMailbox(parentMailboxId1, mailboxSession) .getMetaData(RESET_RECENT, mailboxSession, MessageManager.MetaData.FetchGroup.NO_COUNT) .getACL(); assertThat(actualACL.getEntries()) .doesNotContainKeys(SHARED_USER_KEY); }
@Test public void eventShouldUpdateNewParentWhenRenameMailboxWhichContainLookupRight() throws Exception { Mailbox childMailbox = mailboxMapper.getMailboxMapper(mailboxSession).findMailboxById(childMailboxId); mailboxMapper.getMailboxMapper(mailboxSession).setACL(childMailbox, new MailboxACL( new Entry(SHARED_USER_KEY, new Rfc4314Rights(Right.Write, Right.Lookup)))); storeMailboxManager.renameMailbox(CHILD_MAILBOX, MailboxPath.forUser(OWNER_USER, "shared1.sub1New"), mailboxSession); MailboxACL actualACL = storeMailboxManager.getMailbox(parentMailboxId1, mailboxSession) .getMetaData(RESET_RECENT, mailboxSession, MessageManager.MetaData.FetchGroup.NO_COUNT) .getACL(); assertThat(actualACL.getEntries()) .contains(lookupEntry); }