@Test public void putInCacheAclWithParent() throws Exception { Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2)); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority( "ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL")); MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); acl.setParent(parentAcl); myCache.putInCache(acl); verify(cache, times(4)).put(element.capture()); List<Element> allValues = element.getAllValues(); assertThat(allValues.get(0).getKey()).isEqualTo(parentAcl.getObjectIdentity()); assertThat(allValues.get(0).getObjectValue()).isEqualTo(parentAcl); assertThat(allValues.get(1).getKey()).isEqualTo(parentAcl.getId()); assertThat(allValues.get(1).getObjectValue()).isEqualTo(parentAcl); assertThat(allValues.get(2).getKey()).isEqualTo(acl.getObjectIdentity()); assertThat(allValues.get(2).getObjectValue()).isEqualTo(acl); assertThat(allValues.get(3).getKey()).isEqualTo(acl.getId()); assertThat(allValues.get(3).getObjectValue()).isEqualTo(acl); }
aclAuthorizationStrategy, auditLogger); acl.setParent(parentAcl);
MutableAcl child = jdbcMutableAclService.createAcl(new ObjectIdentityImpl( TARGET_CLASS, Long.valueOf(2))); child.setParent(parent); jdbcMutableAclService.updateAcl(child);
assertThat(acl.getEntries()).hasSize(2); acl.setParent(parentAcl); assertThat(parentAcl).isEqualTo(acl.getParentAcl());
/** * SEC-655 */ @Test @Transactional public void childrenAreClearedFromCacheWhenParentIsUpdated() throws Exception { Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_ADMINISTRATOR"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity parentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(104)); ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(105)); MutableAcl parent = jdbcMutableAclService.createAcl(parentOid); MutableAcl child = jdbcMutableAclService.createAcl(childOid); child.setParent(parent); jdbcMutableAclService.updateAcl(child); parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid); parent.insertAce(0, BasePermission.READ, new PrincipalSid("ben"), true); jdbcMutableAclService.updateAcl(parent); parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid); parent.insertAce(1, BasePermission.READ, new PrincipalSid("scott"), true); jdbcMutableAclService.updateAcl(parent); child = (MutableAcl) jdbcMutableAclService.readAclById(childOid); parent = (MutableAcl) child.getParentAcl(); assertThat(parent.getEntries()).hasSize(2).withFailMessage("Fails because child has a stale reference to its parent"); assertThat(parent.getEntries().get(0).getPermission().getMask()).isEqualTo(1); assertThat(parent.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben")); assertThat(parent.getEntries().get(1).getPermission().getMask()).isEqualTo(1); assertThat(parent.getEntries().get(1).getSid()).isEqualTo(new PrincipalSid("scott")); }
@Test @Transactional public void deleteAclWithChildrenThrowsException() throws Exception { SecurityContextHolder.getContext().setAuthentication(auth); MutableAcl parent = jdbcMutableAclService.createAcl(getTopParentOid()); MutableAcl child = jdbcMutableAclService.createAcl(getMiddleParentOid()); // Specify the inheritance hierarchy child.setParent(parent); jdbcMutableAclService.updateAcl(child); try { jdbcMutableAclService.setForeignKeysInDatabase(false); // switch on FK // checking in the // class, not database jdbcMutableAclService.deleteAcl(getTopParentOid(), false); fail("It should have thrown ChildrenExistException"); } catch (ChildrenExistException expected) { } finally { jdbcMutableAclService.setForeignKeysInDatabase(true); // restore to the // default } }
MutableAcl middleParent = jdbcMutableAclService.createAcl(getMiddleParentOid()); MutableAcl child = jdbcMutableAclService.createAcl(getChildOid()); child.setParent(middleParent); jdbcMutableAclService.updateAcl(middleParent); jdbcMutableAclService.updateAcl(child);
/** * {@inheritDoc} */ @Override public void setParent(Acl newParent) { acl.setParent(newParent); }
@Transactional @Override public void changeAclParent( MutableAcl acl, ObjectIdentity parent ) { if ( acl != null ) { Acl parentAcl = acl.getParentAcl(); if ( parent == null && parentAcl != null ) { acl.setParent( null ); updateAcl( acl ); } else if ( parent != null ) { Acl newParentAcl = getAcl( parent ); if ( newParentAcl == null ) { newParentAcl = createAcl( parent ); } if ( parentAcl == null || !parentAcl.getObjectIdentity().equals( newParentAcl.getObjectIdentity() ) ) { acl.setParent( newParentAcl ); updateAcl( acl ); } } } }
@Transactional @Override public MutableAcl createAclWithParent( @NonNull ObjectIdentity objectIdentity, ObjectIdentity parent ) { MutableAcl acl; try { acl = (MutableAcl) aclService.readAclById( objectIdentity ); changeAclParent( acl, parent ); return acl; } catch ( NotFoundException nfe ) { acl = aclService.createAcl( objectIdentity ); } if ( parent != null ) { Acl parentAcl = getAcl( parent ); if ( parentAcl == null ) { parentAcl = createAcl( parent ); } acl.setParent( parentAcl ); } return aclService.updateAcl( acl ); }
acl.setParent(parentAcl); if (parentAcl.getEntries() == null || parentAcl.getEntries().size() <= 0) { parentAcl.insertAce(0, permissionFactory.buildFromMask(authorityMask), sid, true);