mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-06-30 18:15:39 +00:00
890d3795ce
20440: RM: CapabilitiesTest.testDestroyRecordsCapability (MS SQL Server build) - use non-public nodeService
20441: Include virtual tomcat in installers
20442: Change bitrock builder version to use.
20443: Merged BRANCHES/DEV/V3.3-BUG-FIX to BRANCHES/V3.3: (Fixed tabs and removed 'svn:executable' and 'svn:eol-style')
20384: Merged BRANCHES/DEV/BELARUS/HEAD-2010_04_28 to BRANCHES/DEV/V3.3-BUG-FIX:
20271: ALF-803: Asset Service Improvements
20386: Merged V2.2 to V3.3-BUG-FIX
20385: Merged DEV/BELARUS/V2.2-2010_04_06 to V2.2
20379: V2.2-ALF-1888 AssociationQuery was corrected to filter ...
20387: Version Migrator (ALF-1000) - approx x3 boost (policies ignore version2 store)
20388: Merged BRANCHES/DEV/BELARUS/HEAD-2010_04_28 to BRANCHES/DEV/V3.3-BUG-FIX:
20372: ALF-897: It is impossible to create content when default value selected in ContentHeadlineBackground field for intranet_rssi_landing_template web-form (also fixes ALF-2798 & ALF-791)
20389: Merged BRANCHES/DEV/BELARUS/HEAD-2010_04_28 to BRANCHES/DEV/V3.3-BUG-FIX:
20374: ALF-2723: WCM - Http 500 creating content via webform
20394: Fix for ALF-2257 - It's impossible to find and add group at Records Manage Permissions page
20396: Fixed ALF-2956 "XSS attack is made when a rule is being deleted"
20397: Fix for ALF-922: Mysql does not support unique keys that contain nulls as one would expect
20402: ALF-2186 : Rules not being fired on datalist items - because it's a zero byte file?
20404: Fixed ALF-2109 "Rule doesn't apply to the files in sub-folders when 'Run rule for this folder and its subfolders' action was performed"
20406: Fix for ALF-2985 - Share document library throws error if document modifier or creator is deleted from Alfresco
20409: Improved FormServiceImplTest, added more content related tests and some edge case tests using the FDK model (this test needs to be manually enabled though as the FDK model is not available by default)
20414: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
20401: ALF-2616: Serious Web Form layout performance issues on IE8. This fix contains:
20427: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
20042: ALF-1523: Failed Kerberos SSO auth doesn't fail through, simply returns a blank page
20323: ALF-1523: Failed Kerberos SSO auth doesn't fail through, simply returns a blank page
20428: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
20417: ALF-736: WebDAV Folder Renaming fails on Mac but works on Windows.
20430: Fix for ALF-2313 - Accessing a Doclib folder in Share which has a link to a deleted node fails
20431: Version Migrator (ALF-1000) - migrate 1st batch independently
20432: Fix for ALF-2327 - Can not have more than one Transfer Step in a disposal schedule
20438: ALF-479: Merged DEV/BELARUS/V3.2-2010_01_11 to DEV/V3.3-BUG-FIX
18448: ETHREEOH-4044: External Authentication Subsystem does not perform user mapping for WebDAV requests
20444: Fix for ConcurrentModificationException in file server quota manager. ALF-2970.
20445: Merged HEAD to BRANCHES/V3.3: (RECORD ONLY)
20413: Added clean of quickr project
20446: Changed version to 3.3.1dev
20447: Merged V3.3-BUG-FIX to V3.3
20294: Fixes: ALF-1020 & ALF-1013 for all views except agenda.
20451: Merged V2.2 to V3.3
20450: Merged DEV/BELARUS/V2.2-2010_04_06 to V2.2
20412: ALF-1887: too easy to break alfresco - one can remove the guest user and recreate it but then access to RSS is broken
- PersonServiceImpl.beforeDeleteNode prohibits attempts to delete a guest user.
20452: Fix for transaction error from NFS server file expiry thread. ALF-3016.
20458: ALF-2729 - rationalise (and deprecate) VersionLabelComparator
20460: Fix for ALF-2430
- AVM nodes are not checked for exclusion - the default ACLEntryVoter will always vote for AVM
- avoids embedded AVM permission checks for getType/getAspect and anything else that may be added
- seems AVM read is not checked upon "lookup" for the last node in the PATH (getType should have failed too)
20466: Merged V2.2 to V3.3
20243: (RECORD ONLY) ALF-2814: Merged V3.2 to V2.2
17891: Merged DEV_TEMPORARY to V3.2
17873: ETHREEOH-3810: WCM - Recursion detector erroring
20467: Merged V3.1 to V3.3 (RECORD ONLY)
20276: Incremented version label
20275: ALF-2845: Merged V3.2 to V3.1
17768: Merged DEV/BELARUS/V3.2-2009_11_24 to V3.2
17758: ETHREEOH-3757: Oracle upgrade issue: failed "inviteEmailTemplate" patch - also causes subsequent patches to not be applied
19573: Merged V3.2 to V3.1
19539: Merged HEAD to V3.2
19538: Build fix - fix build speed
20468: Merged PATCHES/V3.2.r to V3.3 (RECORD ONLY)
20357: Merged PATCHES/V3.2.0 to PATCHES/V3.2.r
20349: Merged V3.3 to PATCHES/V3.2.0
20346: ALF-2839: Node pre-loading generates needless resultset rows
- Added missing Criteria.list() call
20339: Incremented version label
20338: Merged PATCHES/V3.2.0 to PATCHES/V3.2.r
20280: Fixed ALF-2839: Node pre-loading generates needless resultset rows
- Split Criteria query to retrieve properties and aspects separately
20272: Backports to help fix ALF-2839: Node pre-loading generates needless resultset rows
Merged BRANCHES/V3.2 to PATCHES/V3.2.0:
18490: Added cache for alf_content_data
Merged BRANCHES/DEV/V3.3-BUG-FIX to PATCHES/V3.2.0:
20231: Fixed ALF-2784: Degradation of performance between 3.1.1 and 3.2x (observed in JSF)
20266: Test reproduction of ALF-2839 failure: Node pre-loading generates needless resultset rows
20469: Merged PATCHES/V3.1.2 to V3.3 (RECORD ONLY)
20393: Eclipse classpath fix to avoid problems in JBoss
20309: ALF-2777: PrimaryChildAssocCopyBehaviour from MOB-388 corrupts cm:name attributes of copied child nodes
- Folded example behaviours from previous AMP into repository
- Fixed PrimaryChildAssocCopyBehaviour to back-up and set the cm:name property on copied children
20470: Merged PATCHES/V3.2.0 to V3.3 (RECORD ONLY)
20465: Incremented version label
20464: ALF-3060: Merged V3.2 to PATCHES/V3.2.0
19920: Merged HEAD to BRANCHES/V3.2:
19918: Fix ALF-2499 (Deleting a web project also deletes similarly named web projects - Potential Data Loss)
20448: Merged DEV/V3.3-BUG-FIX to PATCHES/V3.2.0
20414: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
20401: ALF-2616: Serious Web Form layout performance issues on IE8. This fix contains:
a) X-UA-Compatible head tag with IE=EmulateIE7 value
b) alfresco.ieVersion and alfresco.ieEngine in common.js
c) recurseOnChildren in _updateDisplay
d) Some performance modifications in xforms.js
20350: Increment version label
20349: Merged V3.3 to PATCHES/V3.2.0
20346: ALF-2839: Node pre-loading generates needless resultset rows
- Added missing Criteria.list() call
20471: Fix for offline sync losing metadata properties, due to rename/delete of original file. ALF-575.
20478: Merged HEAD to BRANCHES/V3.3: (RECORD ONLY)
20477: Fix ALF-3086: CMIS checkin of a non-versionable document should make it versionable
20479: ALF-2110: Make it possible to determine which person properties are synced via LDAP and hence immutable
- Added Set<QName> UserRegistrySynchronizer.getPersonMappedProperties(String username)
- UI/Services Fix to follow
20481: Latest SpringSurf libs:
- Fix for ALF-1518 - Added support for HTTP and HTTPS proxies for Surf application remote api calls - via the standard JVM cmd line properties such as -Dhttp.proxyHost=...
20484: ALF-2886: LDAP sync defaults display names incorrectly and can't cope with DNs containing escaped trailing whitespace.
- Had to work around a JDK bug in LDAP RDN parsing
20486: Added case sensitive flag to the file state cache. Part of ALF-570.
20487: Fix for copy/rename of folders causing file exists errors in some cases. ALF-570.
20488: Fix ALF-680: Previously valid content models now fail with CMISAbstractDictionaryService$DictionaryRegistry exception
20489: Uploaded correct version of spring source jars and reunited them with 3rd-party/.classpath
20490: Fix for cannot delete folders via CIFS from Mac OSX, due to desktop actions. ALF-2553.
20491: Merged DEV/TEMPORARY to V3.3 (With corrections)
20485: ALF-2290: a HTTP GET request of a document redirects to the Home Location when using NTLM SSO
The logic related to ADB-61 in NTLMAuthenticationFilter clears previous location and redirects request to default home location. NTLMAuthenticationFilter was changed to process GET requests to documents correctly. Now, fix to ADB-61 processes only “/faces” requests and GET requests to documents are processed correctly.
The same fix was made to KerberosAuthenticationFilter
20492: Fix ALF-680: Previously valid content models now fail with CMISAbstractDictionaryService$DictionaryRegistry exception
- missing remove directory
20493: Fix ALF-2837: ClassCastException in getProperties()
20498: Fix for ALF-2818: Failure to close index writer under certain conditions.
- fix for index writer to close indexes when stopped by exceptions during FTS
- fix FTS job to handle exceptions better
- debug for FTS background operations
20499: ALF-3094: In ticket authenticate method in AuthenticationHelper, invalidate the current session if its cached ticket doesn't match
20500: Fix for ALF-2858 "Zero KB sized bin files will be created in the contentstore when new sites are created" (RECORD ONLY)
20503: AVMTestSuite: minor fixes to cleanup ctx usage (avoid re-loading)
20505: Merged BRANCHES/V2.2 to BRANCHES/V3.3 (record-only)
13859: (record-only) Removed dev from version label
14003: (record-only) Updated version to 2.2.5dev
14566: (record-only) ETWOTWO-1239 - remove workflow interpreter/console bootstrap
14572: (record-only) ETWOTWO-1239 - fix PersonTest to fix JBPMEngineTest (part-sourced from r13247)
14776: (record-only) Merged V3.1 to V2.2
14748: ETHREEOH-2225 - WCM upgrade (performance improvements for MySQL)
20506: NFS ReadDir/ReadDirPlus skips some folder entries. JLAN-98.
20507: Fixed issue with folder search resume id being reset to the wrong value during NFS folder search. Part of JLAN-98.
20508: Merged BRANCHES/V3.2 to BRANCHES/V3.3:
18319: Merged BRANCHES/DEV/BELARUS/V3.2-2010_01_11 to V3.2
18273: ETHREEOH-3834: WCM: An extral .xml.html file is created when editing newly created content
19182: Merged V3.1 to V3.2
18423: ETHREEOH-3850 - Content Manager unable to edit content items if there is a lock on a generated rendition
18432: (RECORD ONLY) Added FTP data port range configuration via <dataPorts>n:n</dataPorts> config value. ETHREEOH-4103.
18451: (RECORD ONLY) Fixed incorrect FTP debug level name.
18577: (RECORD ONLY) Fix for ETHREEOH-4117, based on CHK-11154
18792: Fix ETHREEOH-2729: Import of property with @ symbol in name fails with "start tag unexpected character @ "
19570: ALF-192 / ALF-1750: System Error if user trying submit web content based on web form which was deleted
19583: Merged DEV/BELARUS/V3.2-2010_03_17 to V3.2
19545: ALF-1954: Regression: same item can be submitted multiple times to workflow
19725: AVMStoreDescriptor - fix minor typo (for debugging)
19917: (RECORD ONLY) Merged HEAD to BRANCHES/V3.2:
19880: Fix ALF-898 - WCM: Deleting a file leads to error (only if RM/DOD installed)
19920: (RECORD ONLY) Merged HEAD to BRANCHES/V3.2:
19918: Fix ALF-2499 (Deleting a web project also deletes similarly named web projects - Potential Data Loss)
20509: Merged BRANCHES/V3.2 to BRANCHES/V3.3 (RECORD ONLY):
19825: (RECORD ONLY) Merged PATCHES/V3.2.r to BRANCHES/V3.2:
19804: Merged PATCHES/V3.2.0 to PATCHES/V3.2.r
Merged HEAD to V3.2.0
...
20510: Merged BRANCHES/V3.1 to BRANCHES/V3.3 (RECORD ONLY)
17482: (RECORD ONLY) Merged V3.2 to V3.1
17478: Fix ETHREEOH-3340 - WCM - Revert to snapshot failure (fix AVM getListing -> AVMSync compare -> WCM revertSnapshot)
18783: (RECORD ONLY) MT: ensure group (EMAIL_CONTRIBUTORS) bootstraps tenant admin user (when creating tenant)
20513: Added port change example for remote Alfresco server to share-config-custom.xml.sample
20518: ALF-657 Created tests to check that the 'runas' functionality works in the AlfrescoJavaScript action handler. Also modified the handler to run as the System user if no Authentication is currently set, as may occur if the action handler is being executed asynchronously.
20519: ALF-657 Created tests to check that the 'runas' functionality works in the AlfrescoJavaScript action handler. Also modified the handler to run as the System user if no Authentication is currently set, as may occur if the action handler is being executed asynchronously.
20520: Removed dev version.label
20522: ALF-3129: Map cm:organization property in LDAP as well as cm:organizationId, since cm:organization is what shows up in JSF and Share. Needed by ALF-2110.
20523: First part of fix for ALF-2110:
- Appropriate Person and webframework metadata APIs now return information on immutability of Person properties (as some properties are immutable when synced to LDAP etc.)
- Share client now correctly disables profile fields in User Profile and Admin User Console as appropriate based on individual user property mutability
- Change Password button now correctly enabled/disabled based on account mutability
20524: VersionMigrator - option to run as scheduled job (ALF-1000)
20525: Fix for various IE6 CSS issues:
ALF-3047 - It's impossible to destinate any action with data list item (IE6 specific)
ALF-3049 - Incorrect layout of Manage aspects page
ALF-3050 - Incorrect layout of Assign Workflow form
20526: Fix for ALF-2915 - Select > None feature for Data Lists not working across multiple pages in IE
Closed ALF-2846 - DataList UI not fully I18Ned [Old prototype code]
20527: Fix for ALF-3082 - There is no Edit Offline action at Details page in Share site
20528: Fix various script errors due to typo:
ALF-3088 - Script error occurs on creating duplicated record seria
ALF-3012 - Incorrect behaviour on creating duplicating folders
ALF-3004 - Script error when submitting an item with long data in Prioprity field
20529: Fix for ALF-3006 - Selected Items > Copy to... and Move to actions not working in Document Library
20530: Dynamic Models - fix test(s)
- fix concurrency test for Oracle build (retry if txn lock cannot be acquired)
- when getting deployed models, skip if invalid (eg. cannot be parsed)
20536: Remove @Override (ALF-657)
20537: Activities - (minor) fix NPE for Oracle build/test
20543: Final part of ALF-2110 - Appropriate person properties disabled for editing in Explorer Client if external mapped sync such as LDAP is used.
Fixed issue with Change Password option being disabled incorrectly.
20544: Follow-up fix to r20528
20546: Fix for ALF-3151 - Freemarker causes NPE while deploying 3.3 enterprise onto WebSphere 7.0.0.7
- NOTE: will need to submit patch to freemarker.org
20552: Merged BRANCHES/V3.2 to BRANCHES/V3.3 (RECORD ONLY)
20551: (RECORD ONLY) Merged BRANCHES/V3.3 to BRANCHES/V3.2:
20090: Dynamic models: minor improvements to DictionaryModelType
20553: Fix for escalated issue ALF-2856: Space returns to browse view after completing Add Content dialog; need a way to return to custom view (applied patch provided by customer).
20554: Improvement to model delete validation (investigating intermittent failure of RepoAdminServiceImplTest.testSimpleDynamicModelViaNodeService)
20558: Merged DEV/BELARUS/V3.3-2010_06_08 to V3.3
20550: ALF-922: Mysql does not support unique keys that contain nulls as one would expect ...... duplicates in the alf_access_control_entry table
20562: ALF-3177 - security fix.
20563: Merged BRANCHES/V3.2 to BRANCHES/V3.3:
19412: Fix for ALF-865 "WCM / Cluster: unexpected error when concurrently submitting content"
ALF-862 "WCM submit execution will require locking in a clustered WCM authoring env"
20564: Merged BRANCHES/V3.1 to BRANCHES/V3.3:
20542: Fixed ALF-3152: ImporterComponent transaction retry settings can cause IllegalArgumentException
20568: Follow-up on fix ALF-3152. Fix jobLockService's retryWaitIncrementMs
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@20572 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
4004 lines
243 KiB
Java
4004 lines
243 KiB
Java
/*
|
|
* Copyright (C) 2005-2010 Alfresco Software Limited.
|
|
*
|
|
* This file is part of Alfresco
|
|
*
|
|
* Alfresco is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Lesser General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* Alfresco is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package org.alfresco.repo.avm;
|
|
|
|
import java.io.Serializable;
|
|
import java.util.Date;
|
|
import java.util.HashMap;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
import java.util.Set;
|
|
|
|
import javax.transaction.UserTransaction;
|
|
|
|
import junit.framework.TestCase;
|
|
|
|
import org.alfresco.config.JNDIConstants;
|
|
import org.alfresco.model.ContentModel;
|
|
import org.alfresco.repo.domain.AccessControlListDAO;
|
|
import org.alfresco.repo.domain.DbAccessControlList;
|
|
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
|
import org.alfresco.repo.security.authentication.MutableAuthenticationDao;
|
|
import org.alfresco.repo.security.permissions.PermissionReference;
|
|
import org.alfresco.repo.security.permissions.PermissionServiceSPI;
|
|
import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
|
|
import org.alfresco.repo.security.permissions.impl.ModelDAO;
|
|
import org.alfresco.service.ServiceRegistry;
|
|
import org.alfresco.service.cmr.avm.AVMNodeDescriptor;
|
|
import org.alfresco.service.cmr.avm.AVMService;
|
|
import org.alfresco.service.cmr.avmsync.AVMDifference;
|
|
import org.alfresco.service.cmr.avmsync.AVMSyncService;
|
|
import org.alfresco.service.cmr.dictionary.DictionaryService;
|
|
import org.alfresco.service.cmr.repository.NodeRef;
|
|
import org.alfresco.service.cmr.repository.NodeService;
|
|
import org.alfresco.service.cmr.repository.StoreRef;
|
|
import org.alfresco.service.cmr.security.AccessPermission;
|
|
import org.alfresco.service.cmr.security.AccessStatus;
|
|
import org.alfresco.service.cmr.security.AuthorityService;
|
|
import org.alfresco.service.cmr.security.MutableAuthenticationService;
|
|
import org.alfresco.service.cmr.security.PermissionService;
|
|
import org.alfresco.service.cmr.security.PersonService;
|
|
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
|
import org.alfresco.service.namespace.NamespaceService;
|
|
import org.alfresco.service.namespace.QName;
|
|
import org.alfresco.service.transaction.TransactionService;
|
|
import org.springframework.context.ApplicationContext;
|
|
import org.springframework.orm.hibernate3.LocalSessionFactoryBean;
|
|
|
|
/**
|
|
* Specifically test AVM permissions with the updated ACL schema
|
|
*
|
|
* @author andyh
|
|
*/
|
|
public class AVMServicePermissionsTest extends TestCase
|
|
{
|
|
private static ApplicationContext applicationContext = AVMTestSuite.getContext();
|
|
|
|
protected NodeService nodeService;
|
|
|
|
protected DictionaryService dictionaryService;
|
|
|
|
protected PermissionServiceSPI permissionService;
|
|
|
|
protected MutableAuthenticationService authenticationService;
|
|
|
|
private MutableAuthenticationDao authenticationDAO;
|
|
|
|
protected LocalSessionFactoryBean sessionFactory;
|
|
|
|
protected NodeRef rootNodeRef;
|
|
|
|
protected NamespacePrefixResolver namespacePrefixResolver;
|
|
|
|
protected ServiceRegistry serviceRegistry;
|
|
|
|
protected NodeRef systemNodeRef;
|
|
|
|
protected AuthenticationComponent authenticationComponent;
|
|
|
|
protected ModelDAO permissionModelDAO;
|
|
|
|
protected PersonService personService;
|
|
|
|
protected AuthorityService authorityService;
|
|
|
|
private AclDaoComponent aclDaoComponent;
|
|
|
|
private UserTransaction testTX;
|
|
|
|
private TransactionService transactionService;
|
|
|
|
private AVMService avmService;
|
|
|
|
private AccessControlListDAO avmACLDAO;
|
|
|
|
private AVMNodeDAO avmNodeDAO;
|
|
|
|
private AVMSyncService avmSyncService;
|
|
|
|
public AVMServicePermissionsTest()
|
|
{
|
|
super();
|
|
}
|
|
|
|
@Override
|
|
protected void setUp() throws Exception
|
|
{
|
|
avmNodeDAO = (AVMNodeDAO) applicationContext.getBean("avmNodeDAO");
|
|
|
|
avmACLDAO = (AccessControlListDAO) applicationContext.getBean("avmACLDAO");
|
|
|
|
aclDaoComponent = (AclDaoComponent) applicationContext.getBean("aclDaoComponent");
|
|
avmService = (AVMService) applicationContext.getBean("avmService");
|
|
avmSyncService = (AVMSyncService) applicationContext.getBean("AVMSyncService");
|
|
|
|
nodeService = (NodeService) applicationContext.getBean("nodeService");
|
|
dictionaryService = (DictionaryService) applicationContext.getBean(ServiceRegistry.DICTIONARY_SERVICE.getLocalName());
|
|
permissionService = (PermissionServiceSPI) applicationContext.getBean("permissionService");
|
|
namespacePrefixResolver = (NamespacePrefixResolver) applicationContext.getBean(ServiceRegistry.NAMESPACE_SERVICE.getLocalName());
|
|
authenticationService = (MutableAuthenticationService) applicationContext.getBean("authenticationService");
|
|
authenticationComponent = (AuthenticationComponent) applicationContext.getBean("authenticationComponent");
|
|
serviceRegistry = (ServiceRegistry) applicationContext.getBean(ServiceRegistry.SERVICE_REGISTRY);
|
|
permissionModelDAO = (ModelDAO) applicationContext.getBean("permissionsModelDAO");
|
|
personService = (PersonService) applicationContext.getBean("personService");
|
|
authorityService = (AuthorityService) applicationContext.getBean("authorityService");
|
|
|
|
authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());
|
|
authenticationDAO = (MutableAuthenticationDao) applicationContext.getBean("authenticationDao");
|
|
transactionService = (TransactionService) applicationContext.getBean("transactionComponent");
|
|
|
|
testTX = transactionService.getUserTransaction();
|
|
testTX.begin();
|
|
this.authenticationComponent.setSystemUserAsCurrentUser();
|
|
|
|
StoreRef storeRef = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.nanoTime());
|
|
rootNodeRef = nodeService.getRootNode(storeRef);
|
|
|
|
QName children = ContentModel.ASSOC_CHILDREN;
|
|
QName system = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "system");
|
|
QName container = ContentModel.TYPE_CONTAINER;
|
|
QName types = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "people");
|
|
|
|
systemNodeRef = nodeService.createNode(rootNodeRef, children, system, container).getChildRef();
|
|
NodeRef typesNodeRef = nodeService.createNode(systemNodeRef, children, types, container).getChildRef();
|
|
Map<QName, Serializable> props = createPersonProperties("andy");
|
|
nodeService.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props).getChildRef();
|
|
props = createPersonProperties("lemur");
|
|
nodeService.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props).getChildRef();
|
|
|
|
// create an authentication object e.g. the user
|
|
if (authenticationDAO.userExists("andy"))
|
|
{
|
|
authenticationService.deleteAuthentication("andy");
|
|
}
|
|
authenticationService.createAuthentication("andy", "andy".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("lemur"))
|
|
{
|
|
authenticationService.deleteAuthentication("lemur");
|
|
}
|
|
authenticationService.createAuthentication("lemur", "lemur".toCharArray());
|
|
|
|
if (authenticationDAO.userExists(AuthenticationUtil.getAdminUserName()))
|
|
{
|
|
authenticationService.deleteAuthentication(AuthenticationUtil.getAdminUserName());
|
|
}
|
|
authenticationService.createAuthentication(AuthenticationUtil.getAdminUserName(), "admin".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("manager"))
|
|
{
|
|
authenticationService.deleteAuthentication("manager");
|
|
}
|
|
authenticationService.createAuthentication("manager", "manager".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("publisher"))
|
|
{
|
|
authenticationService.deleteAuthentication("publisher");
|
|
}
|
|
authenticationService.createAuthentication("publisher", "publisher".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("contributor"))
|
|
{
|
|
authenticationService.deleteAuthentication("contributor");
|
|
}
|
|
authenticationService.createAuthentication("contributor", "contributor".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("reviewer"))
|
|
{
|
|
authenticationService.deleteAuthentication("reviewer");
|
|
}
|
|
authenticationService.createAuthentication("reviewer", "reviewer".toCharArray());
|
|
|
|
authenticationComponent.clearCurrentSecurityContext();
|
|
|
|
if (avmService.getStore("main") != null)
|
|
{
|
|
avmService.purgeStore("main");
|
|
}
|
|
}
|
|
|
|
@Override
|
|
protected void tearDown() throws Exception
|
|
{
|
|
|
|
try
|
|
{
|
|
testTX.commit();
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
}
|
|
finally
|
|
{
|
|
AuthenticationUtil.clearCurrentSecurityContext();
|
|
super.tearDown();
|
|
}
|
|
}
|
|
|
|
protected void runAs(String userName)
|
|
{
|
|
authenticationService.authenticate(userName, userName.toCharArray());
|
|
assertNotNull(authenticationService.getCurrentUserName());
|
|
// for(GrantedAuthority authority : woof.getAuthorities())
|
|
// {
|
|
// System.out.println("Auth = "+authority.getAuthority());
|
|
// }
|
|
|
|
}
|
|
|
|
private Map<QName, Serializable> createPersonProperties(String userName)
|
|
{
|
|
HashMap<QName, Serializable> properties = new HashMap<QName, Serializable>();
|
|
properties.put(ContentModel.PROP_USERNAME, userName);
|
|
return properties;
|
|
}
|
|
|
|
protected PermissionReference getPermission(String permission)
|
|
{
|
|
return permissionModelDAO.getPermissionReference(null, permission);
|
|
}
|
|
|
|
private void buildBaseStructure(String base)
|
|
{
|
|
avmService.createStore(base);
|
|
avmService.createDirectory(base + ":/", "base");
|
|
avmService.createDirectory(base + ":/base", "d-a");
|
|
avmService.createDirectory(base + ":/base/d-a", "d-aa");
|
|
avmService.createDirectory(base + ":/base/d-a", "d-ab");
|
|
avmService.createDirectory(base + ":/base/d-a", "d-ac");
|
|
avmService.createFile(base + ":/base/d-a", "f-aa");
|
|
avmService.createDirectory(base + ":/base", "d-b");
|
|
avmService.createDirectory(base + ":/base/d-b", "d-ba");
|
|
avmService.createDirectory(base + ":/base/d-b", "d-bb");
|
|
avmService.createDirectory(base + ":/base/d-b", "d-bc");
|
|
avmService.createFile(base + ":/base/d-b", "f-ba");
|
|
avmService.createDirectory(base + ":/base", "d-c");
|
|
avmService.createDirectory(base + ":/base/d-c", "d-ca");
|
|
avmService.createDirectory(base + ":/base/d-c", "d-cb");
|
|
avmService.createDirectory(base + ":/base/d-c", "d-cc");
|
|
avmService.createFile(base + ":/base/d-c", "f-ca");
|
|
avmService.createFile(base + ":/base", "f-a");
|
|
|
|
avmService.createDirectory(base + ":/base", "d-d");
|
|
avmService.createLayeredDirectory(base + ":/base/d-a", base + ":/base/d-d", "layer-d-a");
|
|
avmService.createLayeredDirectory(base + ":/base/d-b", base + ":/base/d-d", "layer-d-b");
|
|
avmService.createLayeredDirectory(base + ":/base/d-c", base + ":/base/d-d", "layer-d-c");
|
|
avmService.createLayeredFile(base + ":/base/f-a", base + ":/base/d-d", "layer-fa");
|
|
|
|
avmService.createLayeredDirectory(base + ":/base", base + ":/", "layer");
|
|
|
|
String layeredStore1 = base + "-layer-base";
|
|
avmService.createStore(layeredStore1);
|
|
avmService.createLayeredDirectory(base + ":/base", layeredStore1 + ":/", "layer-to-base");
|
|
|
|
String layeredStore2 = base + "-layer-a";
|
|
avmService.createStore(layeredStore2);
|
|
avmService.createLayeredDirectory(base + ":/base/d-a", layeredStore2 + ":/", "layer-to-d-a");
|
|
|
|
String layeredStore3 = base + "-layer-b";
|
|
avmService.createStore(layeredStore3);
|
|
avmService.createLayeredDirectory(base + ":/base/d-b", layeredStore3 + ":/", "layer-to-d-b");
|
|
|
|
String layeredStore4 = base + "-layer-c";
|
|
avmService.createStore(layeredStore4);
|
|
avmService.createLayeredDirectory(base + ":/base/d-c", layeredStore4 + ":/", "layer-to-d-c");
|
|
|
|
String layeredStore5 = base + "-layer-d";
|
|
avmService.createStore(layeredStore5);
|
|
avmService.createLayeredDirectory(base + ":/base/d-d", layeredStore5 + ":/", "layer-to-d-d");
|
|
|
|
String layeredStore6 = base + "-layer-layer-base";
|
|
avmService.createStore(layeredStore6);
|
|
avmService.createLayeredDirectory(layeredStore1 + ":/layer-to-base", layeredStore6 + ":/", "layer-to-layer-to-base");
|
|
|
|
String layeredStore7 = base + "-layer-layer-layer-base";
|
|
avmService.createStore(layeredStore7);
|
|
avmService.createLayeredDirectory(layeredStore6 + ":/layer-to-layer-to-base", layeredStore7 + ":/", "layer-to-layer-to-layer-to-base");
|
|
}
|
|
|
|
private boolean checkPermission(String user, String path, String permission, boolean allowed)
|
|
{
|
|
String curentUser = AuthenticationUtil.getRunAsUser();
|
|
try
|
|
{
|
|
runAs(user);
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, path);
|
|
AVMStore store = AVMDAOs.Instance().fAVMStoreDAO.getByName(nodeRef.getStoreRef().getIdentifier());
|
|
boolean can = AVMRepository.GetInstance().can(store, node, permission, AVMRepository.GetInstance().lookup(-1, path, false).getDirectlyContained());
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
private boolean checkCanPerformance(String user, String path, String permission, boolean allowed, int count)
|
|
{
|
|
String curentUser = AuthenticationUtil.getRunAsUser();
|
|
try
|
|
{
|
|
runAs(user);
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, path);
|
|
AVMStore store = AVMDAOs.Instance().fAVMStoreDAO.getByName(nodeRef.getStoreRef().getIdentifier());
|
|
boolean can = AVMRepository.GetInstance().can(store, node, permission, AVMRepository.GetInstance().lookup(-1, path, false).getDirectlyContained());
|
|
long start = System.nanoTime();
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
can = AVMRepository.GetInstance().can(null, node, permission, AVMRepository.GetInstance().lookup(-1, path, false).getDirectlyContained());
|
|
}
|
|
long end = System.nanoTime();
|
|
System.out.println("Can in " + ((end - start) / 10e9f / count));
|
|
System.out.println("Can per second " + (1 / ((end - start) / 10e9f / count)));
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
private boolean checkHasPermissionsPerformance(String user, String path, String permission, boolean allowed, int count)
|
|
{
|
|
String curentUser = AuthenticationUtil.getRunAsUser();
|
|
try
|
|
{
|
|
runAs(user);
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, path);
|
|
boolean can = permissionService.hasPermission(nodeRef, permission) == AccessStatus.ALLOWED;
|
|
long start = System.nanoTime();
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
can = permissionService.hasPermission(nodeRef, permission) == AccessStatus.ALLOWED;
|
|
}
|
|
long end = System.nanoTime();
|
|
System.out.println("Has Permission in " + ((end - start) / 10e9f / count));
|
|
System.out.println("Has Permission per second " + (1 / ((end - start) / 10e9f / count)));
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
public boolean checkHasPermission(String user, NodeRef nodeRef, String permission, boolean allowed)
|
|
{
|
|
String curentUser = AuthenticationUtil.getRunAsUser();
|
|
try
|
|
{
|
|
runAs(user);
|
|
boolean can = permissionService.hasPermission(nodeRef, permission) == AccessStatus.ALLOWED;
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
public void testSetup() throws Exception
|
|
{
|
|
// test setUp & tearDown
|
|
}
|
|
|
|
public void testStoreAcls() throws Exception
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
AVMNodeDescriptor nodeDesc = avmService.lookup(-1, storeName + ":/base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, nodeDesc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "andy", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.deletePermission(nodeRef.getStoreRef(), "andy", PermissionService.ALL_PERMISSIONS);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.deletePermissions(nodeRef.getStoreRef());
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "andy", PermissionService.ALL_PERMISSIONS, true);
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "andy", PermissionService.READ, true);
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "lemur", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertEquals(permissionService.getAllSetPermissions(nodeRef.getStoreRef()).size(), 3);
|
|
|
|
permissionService.clearPermission(nodeRef.getStoreRef(), "andy");
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertEquals(permissionService.getAllSetPermissions(nodeRef.getStoreRef()).size(), 1);
|
|
|
|
permissionService.clearPermission(nodeRef.getStoreRef(), "lemur");
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission(AuthenticationUtil.getAdminUserName(), nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
|
|
System.out.println(avmService.getStores());
|
|
}
|
|
|
|
}
|
|
|
|
public void testSimpleUpdate() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
avmService.createDirectory(storeName + "-layer-base:/layer-to-base", "update-dir");
|
|
avmService.createFile(storeName + "-layer-base:/layer-to-base/update-dir", "update-file").close();
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList acl = node.getAcl();
|
|
assertNotNull(acl);
|
|
acl = aclDaoComponent.getDbAccessControlList(aclDaoComponent.getInheritedAccessControlList(acl.getId()));
|
|
assertNotNull(acl);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(acl.getId(), fileAcl.getId());
|
|
|
|
avmService.createSnapshot(storeName, "store", "store");
|
|
avmService.createSnapshot(storeName + "-layer-base", "store", "store");
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, storeName + "-layer-base:/layer-to-base", -1, storeName + ":/base", null);
|
|
assertEquals(1, diffs.size());
|
|
assertEquals("[" + storeName + "-layer-base:/layer-to-base/update-dir[-1] > " + storeName + ":/base/update-dir[-1]]", diffs.toString());
|
|
avmSyncService.update(diffs, null, false, false, false, false, "A", "A");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNull(dirAcl);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNull(fileAcl);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNull(fileAcl);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testUpdateWithPermissions() throws Exception
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
AVMNodeDescriptor nodeDesc = avmService.lookup(-1, storeName + ":/base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, nodeDesc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Long baseAcl = avmNodeDAO.getByID(nodeDesc.getId()).getAcl().getId();
|
|
Long inheritedBaseAcl = aclDaoComponent.getInheritedAccessControlList(baseAcl);
|
|
|
|
avmService.createDirectory(storeName + "-layer-base:/layer-to-base", "update-dir");
|
|
avmService.createFile(storeName + "-layer-base:/layer-to-base/update-dir", "update-file").close();
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList acl = node.getAcl();
|
|
assertNotNull(acl);
|
|
acl = aclDaoComponent.getDbAccessControlList(aclDaoComponent.getInheritedAccessControlList(acl.getId()));
|
|
assertNotNull(acl);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(acl.getId(), fileAcl.getId());
|
|
|
|
avmService.createSnapshot(storeName, "store", "store");
|
|
avmService.createSnapshot(storeName + "-layer-base", "store", "store");
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, storeName + "-layer-base:/layer-to-base", -1, storeName + ":/base", null);
|
|
assertEquals(1, diffs.size());
|
|
assertEquals("[" + storeName + "-layer-base:/layer-to-base/update-dir[-1] > " + storeName + ":/base/update-dir[-1]]", diffs.toString());
|
|
avmSyncService.update(diffs, null, false, false, false, false, "A", "A");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(inheritedBaseAcl, dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(inheritedBaseAcl, fileAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(inheritedBaseAcl, fileAcl.getId());
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testComplexStore_AlterInheritance()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.READ, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
// True as unset defaults to allow
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
permissionService.deletePermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS);
|
|
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + ":/base", PermissionService.READ, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission(AuthenticationUtil.getAdminUserName(), storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
// True as unset defaults to allow
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.READ, false));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
// performance
|
|
|
|
checkCanPerformance("lemur", storeName + ":/base", PermissionService.READ, false, 10000);
|
|
checkHasPermissionsPerformance("lemur", storeName + ":/base", PermissionService.READ, false, 10000);
|
|
|
|
String[] excludeL = new String[] { storeName + "-layer-base:/layer-to-base/d-d/layer-d-a" };
|
|
String[] excludeLL = new String[] { storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a" };
|
|
String[] excludeLLL = new String[] { storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a" };
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
excludeLL);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/d-a");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setInheritParentPermissions(nodeRef, false);
|
|
|
|
String[] excludeL2 = new String[] { storeName + "-layer-base:/layer-to-base/d-d/layer-d-a", storeName + "-layer-base:/layer-to-base/d-a" };
|
|
String[] excludeLL2 = new String[] { storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a", storeName + "-layer-layer-base:/layer-to-layer-to-base/d-a" };
|
|
String[] excludeLLL2 = new String[] { storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a",
|
|
storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-a" };
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, excludeL2);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
excludeLL2);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, excludeLLL2);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/d-a");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setInheritParentPermissions(nodeRef, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
excludeLL);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testComplexStore_AddPermissionsToMiddle()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-a:/layer-to-d-a");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// debugPermissions(storeName + ":/base");
|
|
// debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
//
|
|
// DbAccessControlList acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// List<Long> nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
|
|
permissionService.setPermission(nodeRef, "loon", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
// debugPermissions(storeName + ":/base");
|
|
// debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
//
|
|
// acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
//
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
String[] excludeL = new String[] { storeName + "-layer-base:/layer-to-base/d-d/layer-d-a" };
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "loon", PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
String[] excludeLL = new String[] { storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a" };
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "loon", PermissionService.ALL_PERMISSIONS, true, excludeLL);
|
|
String[] excludeLLL = new String[] { storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a" };
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "loon", PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
debugPermissions(storeName + ":/base");
|
|
debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
|
|
// acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// // need to fix up inheritance as is has changed
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "monkey", PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "monkey", PermissionService.ALL_PERMISSIONS, true, excludeLL);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "monkey", PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
debugPermissions(storeName + ":/base");
|
|
debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
|
|
// acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// // need to fix up inheritance as is has changed
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
//
|
|
desc = avmService.lookup(-1, storeName + ":/base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "base", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
debugPermissions(storeName + ":/base");
|
|
debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
checkHeadPermissionForPath(storeName + ":/base", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", "base", PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "base", PermissionService.ALL_PERMISSIONS, true, excludeLL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "base", PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testComplexStore_AddPermissionsToBottom()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
permissionService.setPermission(nodeRef, "squid", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
permissionService.deletePermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
permissionService.setPermission(nodeRef, "me", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/d-a");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "lemon", PermissionService.READ, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + ":/base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
* create directories & file in main
|
|
* set file permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleFilePermissionDiff() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
// create directories and file in main
|
|
System.out.println("create D: " + baseStore + ":/base");
|
|
avmService.createDirectory(baseStore + ":/", "base");
|
|
System.out.println("create D: " + baseStore + ":/base/d-a");
|
|
avmService.createDirectory(baseStore + ":/base", "d-a");
|
|
System.out.println("create F: " + baseStore + ":/base/d-a/f-aa");
|
|
avmService.createFile(baseStore + ":/base/d-a", "f-aa").close();
|
|
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer-to-base -> " + baseStore + ":/base");
|
|
avmService.createLayeredDirectory(baseStore + ":/base", layeredStore + ":/", "layer-to-base");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer-to-base/d-a/f-aa");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on file in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer-to-base/d-a/f-aa");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals("["+layeredStore+":/layer-to-base/d-a/f-aa[-1] > "+baseStore+":/base/d-a/f-aa[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer-to-base", baseStore + ":/base");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main & layer
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer-to-base/d-a/f-aa");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that file in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in main
|
|
* set directory permission in main
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff0() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
// create directory in main
|
|
System.out.println("create D: " + baseStore + ":/d-a");
|
|
avmService.createDirectory(baseStore + ":/", "d-a");
|
|
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef baseNodeRef = AVMNodeConverter.ToNodeRef(-1, baseNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in main
|
|
System.out.println("set P (DELETE): " + baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(baseNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// update main from layer - NOOP
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// flatten - NOOP
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in main
|
|
* set directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff1() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
// create directory in main
|
|
System.out.println("create D: " + baseStore + ":/d-a");
|
|
avmService.createDirectory(baseStore + ":/", "d-a");
|
|
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff2() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
* set another directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff3() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// repeat with another directory permission
|
|
|
|
// set WRITE directory permission in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the WRITE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set directory permission in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* create file in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
* set another directory permission in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff4() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// create file in layer
|
|
System.out.println("create F: " + layeredStore + ":/layer/d-a/f-aa");
|
|
avmService.createFile(layeredStore + ":/layer/d-a", "f-aa").close();
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a/f-aa[-1] > "+baseStore+":/d-a/f-aa[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// set another directory permission
|
|
|
|
// set WRITE directory permission in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the WRITE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set two directory permissions in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
* remove one of the directory permissions in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff5() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// set WRITE permission on directory in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// remove one of the directory permissions
|
|
|
|
// delete DELETE directory permission in layer
|
|
System.out.println("delete P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.deletePermission(layeredNodeRef, "andy", PermissionService.DELETE);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the DELETE permission is no longer set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE permission is still set in main (and appears in layer)
|
|
// check that the DELETE permission is not set in main (or layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set two directory permissions in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
* remove one of the existing directory permissions in layer
|
|
* set a different directory permission in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff6() throws Throwable
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
|
|
String prefix = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String baseStore = prefix+"-main";
|
|
String layeredStore = prefix+"-layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// set WRITE permission on directory in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// remove one of the directory permissions
|
|
|
|
// delete DELETE directory permission in layer
|
|
System.out.println("delete P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.deletePermission(layeredNodeRef, "andy", PermissionService.DELETE);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// set READ permission on directory in layer
|
|
System.out.println("set P (READ): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.READ, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.READ, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.READ, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the DELETE permission is no longer set in main
|
|
// check that the READ permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.READ, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE & READ permissions are set in main (and appear in layer)
|
|
// check that the DELETE permission is not set in main (or layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.READ, true);
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
private void checkHeadPermissionForPath(String path, String authority, String permission, boolean allow, String[] excludes)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
checkHeadPermission(desc, authority, permission, allow);
|
|
if (desc.isDirectory())
|
|
{
|
|
Map<String, AVMNodeDescriptor> children = avmService.getDirectoryListing(desc);
|
|
for (String child : children.keySet())
|
|
{
|
|
String newPath = path + "/" + child;
|
|
if (excludes != null)
|
|
{
|
|
for (String exclude : excludes)
|
|
{
|
|
if (newPath.startsWith(exclude))
|
|
{
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
checkHeadPermissionForPath(newPath, authority, permission, allow, excludes);
|
|
}
|
|
}
|
|
}
|
|
|
|
private void checkHeadPermissionNotSetForPath(String path, String authority, String permission, boolean allow, String[] excludes)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
checkHeadPermissionNotSet(desc, authority, permission, allow);
|
|
if (desc.isDirectory())
|
|
{
|
|
Map<String, AVMNodeDescriptor> children = avmService.getDirectoryListing(desc);
|
|
for (String child : children.keySet())
|
|
{
|
|
String newPath = path + "/" + child;
|
|
if (excludes != null)
|
|
{
|
|
for (String exclude : excludes)
|
|
{
|
|
if (newPath.startsWith(exclude))
|
|
{
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
checkHeadPermissionNotSetForPath(newPath, authority, permission, allow, excludes);
|
|
}
|
|
}
|
|
}
|
|
|
|
private void checkHeadPermission(AVMNodeDescriptor desc, String authority, String permission, boolean allow)
|
|
{
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Set<AccessPermission> set = permissionService.getAllSetPermissions(nodeRef);
|
|
for (AccessPermission p : set)
|
|
{
|
|
if (p.getAuthority().equals(authority))
|
|
{
|
|
if (p.getPermission().equals(permission))
|
|
{
|
|
// debugPermissions(desc.getPath());
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
debugPermissions(desc.getPath());
|
|
fail("Permisssions not found at " + desc.getPath());
|
|
// System.err.println("Permisssions not found at "+desc.getPath());
|
|
}
|
|
|
|
private void checkHeadPermissionNotSet(AVMNodeDescriptor desc, String authority, String permission, boolean allow)
|
|
{
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Set<AccessPermission> set = permissionService.getAllSetPermissions(nodeRef);
|
|
for (AccessPermission p : set)
|
|
{
|
|
if (p.getAuthority().equals(authority))
|
|
{
|
|
if (p.getPermission().equals(permission))
|
|
{
|
|
debugPermissions(desc.getPath());
|
|
fail("Permisssions found at " + desc.getPath());
|
|
}
|
|
}
|
|
}
|
|
// debugPermissions(desc.getPath());
|
|
// fail("Permisssions not found at "+desc.getPath());
|
|
// System.err.println("Permisssions not found at "+desc.getPath());
|
|
}
|
|
|
|
public void testRedirectLayeredDirectory()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createFile(storeName + ":/www", "dog");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
avmService.createFile(storeName + ":/www/avm-web-apps", "cat");
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.READ, true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Editor", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentManager", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentPublisher", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentContributor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentReviewer", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "publisher", "Collaborator", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Collaborator", true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Contributor", true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Editor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Editor", true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Editor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Editor", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "contributor", "Coordinator", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Contributor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Contributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Contributor", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Editor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Editor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Editor", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Editor", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "reviewer", "Editor", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Coordinator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Collaborator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Contributor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Editor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Editor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Editor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Editor", true));
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + ":/", "layer");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www/avm-web-apps");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", PermissionService.READ, true);
|
|
avmService.createDirectory(storeName + ":/layer", "l-d");
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "directory-monkey", PermissionService.READ, true);
|
|
avmService.createFile(storeName + ":/layer", "l-f");
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "file-monkey", PermissionService.READ, true);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
debugPermissions(storeName + ":/layer/avm-web-apps/cat");
|
|
|
|
// As we have set permissions on this node it has done COW and now defined its own permissions.
|
|
// Changing the target does not change the permissions just the content and locations
|
|
// Some underlying nodes have not been COWed - and so pick up underlygin changes
|
|
// - it is only layer and its direct children that will now hace fixed permissions.
|
|
// Joy all round
|
|
|
|
// Note copy on writed nodes will move taking context.... so cat appears in two places
|
|
// / over layed as cat .... and also as avm-web-apps from the previous copy on write and then move ....
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www/avm-web-apps");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testCopy()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Map<String, Integer> s1 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Map<String, Integer> s2 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
Map<String, Integer> s3 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
Map<String, Integer> s4 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
Map<String, Integer> s5 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
Map<String, Integer> s6 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
|
|
avmService.copy(-1, storeName + ":/www", storeName + ":/", "head");
|
|
desc = avmService.lookup(-1, storeName + ":/head");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/head/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.copy(s1.get(storeName), storeName + ":/www", storeName + ":/", "s1");
|
|
desc = avmService.lookup(-1, storeName + ":/s1");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
desc = avmService.lookup(-1, storeName + ":/s1/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
|
|
avmService.copy(s2.get(storeName), storeName + ":/www", storeName + ":/", "s2");
|
|
desc = avmService.lookup(-1, storeName + ":/s2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/s2/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.copy(s3.get(storeName), storeName + ":/www", storeName + ":/", "s3");
|
|
desc = avmService.lookup(-1, storeName + ":/s3");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/s3/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
|
|
avmService.copy(s4.get(storeName), storeName + ":/www", storeName + ":/", "s4");
|
|
desc = avmService.lookup(-1, storeName + ":/s4");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/s4/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.copy(s5.get(storeName), storeName + ":/www", storeName + ":/", "s5");
|
|
desc = avmService.lookup(-1, storeName + ":/s5");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/s5/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
avmService.copy(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.copy(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.copy(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testBranches()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Map<String, Integer> s1 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Map<String, Integer> s2 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
Map<String, Integer> s3 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
Map<String, Integer> s4 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
Map<String, Integer> s5 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
Map<String, Integer> s6 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
|
|
avmService.createBranch(-1, storeName + ":/www", storeName + ":/", "head");
|
|
desc = avmService.lookup(-1, storeName + ":/head");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/head/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.createBranch(s1.get(storeName), storeName + ":/www", storeName + ":/", "s1");
|
|
desc = avmService.lookup(-1, storeName + ":/s1");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
desc = avmService.lookup(-1, storeName + ":/s1/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
|
|
avmService.createBranch(s2.get(storeName), storeName + ":/www", storeName + ":/", "s2");
|
|
desc = avmService.lookup(-1, storeName + ":/s2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/s2/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createBranch(s3.get(storeName), storeName + ":/www", storeName + ":/", "s3");
|
|
desc = avmService.lookup(-1, storeName + ":/s3");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/s3/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
|
|
avmService.createBranch(s4.get(storeName), storeName + ":/www", storeName + ":/", "s4");
|
|
desc = avmService.lookup(-1, storeName + ":/s4");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/s4/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.createBranch(s5.get(storeName), storeName + ":/www", storeName + ":/", "s5");
|
|
desc = avmService.lookup(-1, storeName + ":/s5");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/s5/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
avmService.createBranch(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.createBranch(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.createBranch(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
@SuppressWarnings("unused")
|
|
public void testWCMStyleTemplateAsBranch()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
String branchName = storeName + "-Branch";
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Map<String, Integer> s1 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Map<String, Integer> s2 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
Map<String, Integer> s3 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
Map<String, Integer> s4 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
Map<String, Integer> s5 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
Map<String, Integer> s6 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.createStore(branchName);
|
|
avmService.createBranch(-1, storeName + ":/www", branchName + ":/", "www");
|
|
avmService.createSnapshot(branchName, null, null);
|
|
|
|
|
|
desc = avmService.lookup(-1, branchName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, branchName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
|
|
// Check the branch remains unchanged when the template is changed
|
|
|
|
debugPermissions(storeName + ":/www");
|
|
debugPermissions(branchName + ":/www");
|
|
debugPermissions(branchName + ":/www/avm-web-apps");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "template", "ContentReviewer", true);
|
|
|
|
desc = avmService.lookup(-1, branchName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, branchName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
debugPermissions(storeName + ":/www");
|
|
debugPermissions(branchName + ":/www");
|
|
debugPermissions(branchName + ":/www/avm-web-apps");
|
|
|
|
desc = avmService.lookup(-1, branchName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "new", "ContentReviewer", true);
|
|
|
|
desc = avmService.lookup(-1, branchName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
desc = avmService.lookup(-1, branchName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
debugPermissions(storeName + ":/www");
|
|
debugPermissions(branchName + ":/www");
|
|
debugPermissions(branchName + ":/www/avm-web-apps");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(branchName);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Test the basic permission model where
|
|
*/
|
|
public void testSimpleExternalLayer() throws Exception
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
Long definingId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
String definingGuid = aclDaoComponent.getAccessControlListProperties(definingId).getAclId();
|
|
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(definingId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "directory");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "file");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// simple layer
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createSnapshot(storeName + "-a-", null, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions beneath and check they appear up
|
|
// Check version has not moved and the id is the same as they are in the same TX and will not have COWed
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// debugPermissionsut.println("BEFORE:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
|
|
testTX.commit();
|
|
testTX = transactionService.getUserTransaction();
|
|
testTX.begin();
|
|
|
|
permissionService.setPermission(nodeRef, "andy", "ContentReviewer", true);
|
|
|
|
// System.out.println("AFTER:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
|
|
Long newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
assertFalse(newId.equals(definingId));
|
|
assertEquals(definingGuid, aclDaoComponent.getAccessControlListProperties(newId).getAclId());
|
|
assertEquals(aclDaoComponent.getAccessControlListProperties(definingId).getAclVersion().longValue() + 1, aclDaoComponent.getAccessControlListProperties(newId)
|
|
.getAclVersion().longValue());
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions to the layer
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "bob", "ContentReviewer", true);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
|
|
}
|
|
}
|
|
|
|
// Comment-out for now due to intermittent failure: expected:<6> but was:<7>
|
|
public void x_testSimpleInternalLayer()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
Long definingId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
String definingGuid = aclDaoComponent.getAccessControlListProperties(definingId).getAclId();
|
|
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(definingId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "directory");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "file");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// simple layer
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + ":/", "layer");
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createSnapshot(storeName, null, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions beneath and check they appear up
|
|
// Check version has not moved and the id is the same as they are in the same TX and will not have COWed
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// System.out.println("BEFORE:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/layer");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
|
|
permissionService.setPermission(nodeRef, "andy", "ContentReviewer", true);
|
|
|
|
// System.out.println("AFTER:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/layer");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
|
|
Long newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
assertFalse(newId.equals(definingId));
|
|
assertEquals(definingGuid, aclDaoComponent.getAccessControlListProperties(newId).getAclId());
|
|
assertEquals(aclDaoComponent.getAccessControlListProperties(definingId).getAclVersion().longValue() + 1, aclDaoComponent.getAccessControlListProperties(newId)
|
|
.getAclVersion().longValue());
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions to the layer
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "bob", "ContentReviewer", true);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
private void debugPermissions(String path)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
DbAccessControlList acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
System.out.println(path);
|
|
System.out.println("\t => Ind="
|
|
+ desc.getIndirection() + ",Deleted=" + desc.isDeleted() + ",LD=" + desc.isLayeredDirectory() + ",LF=" + desc.isLayeredFile() + ",PD=" + desc.isPlainDirectory()
|
|
+ ",PF=" + desc.isPlainFile() + ",Primary=" + desc.isPrimary());
|
|
System.out.println("\t => " + acl);
|
|
}
|
|
|
|
public void testMutationsWithSimpleLayers()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// debugPermissions(storeName + ":/");
|
|
// /debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
|
|
// System.out.println("Snapshot");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
|
|
// System.out.println("Layered");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "directory");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
// System.out.println("New Dir");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.createDirectory(storeName + "-a-:/www/avm-web-apps/ROOT", "directory2");
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
// System.out.println("Before Andy");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
permissionService.setPermission(nodeRef, "andy", "ContentReviewer", true);
|
|
// System.out.println("Before Lemur");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
permissionService.setPermission(nodeRef, "lemur", "ContentReviewer", true);
|
|
// System.out.println("After");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "bob", "ContentReviewer", true);
|
|
permissionService.setPermission(nodeRef, "jim", "ContentReviewer", true);
|
|
permissionService.setPermission(nodeRef, "dave", "ContentReviewer", true);
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "file");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
// TODO: Check this
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
|
|
avmService.createFile(storeName + "-a-:/www/avm-web-apps/ROOT", "file2");
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 10);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainDirectory()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After One");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Two");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Three");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Four");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "test", storeName + ":/www/avm-web-apps/ROOT", "lemon");
|
|
// System.out.println("After Rename to lemon");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "lemon", storeName + ":/www/avm-web-apps", "orange");
|
|
// System.out.println("After move up and rename 1");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps", "orange", storeName + ":/www", "blue");
|
|
// System.out.println("After move up and rename 2");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/blue");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/blue");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainFile()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After One");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Two");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Three");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Four");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "test", storeName + ":/www/avm-web-apps/ROOT", "lemon");
|
|
// System.out.println("After Rename to lemon");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "lemon", storeName + ":/www/avm-web-apps", "orange");
|
|
// System.out.println("After move up and rename 1");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps", "orange", storeName + ":/www", "blue");
|
|
// System.out.println("After move up and rename 2");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/blue");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/blue");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainDirectoryIntoLayer()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
|
|
avmService.rename(storeName + "-a-:/www/avm-web-apps/ROOT", "test", storeName + "-a-:/www/avm-web-apps/ROOT", "banana");
|
|
// System.out.println("In Source");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
// System.out.println("In Layer");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/banana");
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainFileIntoLayer()
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
|
|
avmService.rename(storeName + "-a-:/www/avm-web-apps/ROOT", "test", storeName + "-a-:/www/avm-web-apps/ROOT", "banana");
|
|
// System.out.println("File In Source");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
// System.out.println("File In Layer");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/banana");
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Helper to write a recursive listing of latest version of an AVMStore.
|
|
* @param repoName The name of the AVMStore.
|
|
*/
|
|
protected void recursiveList(String store)
|
|
{
|
|
String list = recursiveList(store, -1, true);
|
|
System.out.println(store+":");
|
|
System.out.println(list);
|
|
}
|
|
|
|
/**
|
|
* Helper to write a recursive listing of an AVMStore at a given version.
|
|
* @param repoName The name of the AVMStore.
|
|
* @param version The version to look under.
|
|
*/
|
|
protected String recursiveList(String repoName, int version, boolean followLinks)
|
|
{
|
|
return recursiveList(repoName + ":/", version, 0, followLinks);
|
|
}
|
|
|
|
/**
|
|
* Recursive list the given path.
|
|
* @param path The path.
|
|
* @param version The version.
|
|
* @param indent The current indent level.
|
|
*/
|
|
protected String recursiveList(String path, int version, int indent, boolean followLinks)
|
|
{
|
|
StringBuilder builder = new StringBuilder();
|
|
for (int i = 0; i < indent; i++)
|
|
{
|
|
builder.append(' ');
|
|
}
|
|
builder.append(path.substring(path.lastIndexOf('/') + 1));
|
|
builder.append(' ');
|
|
AVMNodeDescriptor desc = avmService.lookup(version, path, true);
|
|
builder.append(desc.toString());
|
|
builder.append(" - ");
|
|
|
|
AVMNode layeredNode = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList acl = layeredNode.getAcl();
|
|
builder.append(acl);
|
|
|
|
builder.append('\n');
|
|
if (desc.getType() == AVMNodeType.PLAIN_DIRECTORY ||
|
|
(desc.getType() == AVMNodeType.LAYERED_DIRECTORY && followLinks))
|
|
{
|
|
String basename = path.endsWith("/") ? path : path + "/";
|
|
Map<String, AVMNodeDescriptor> listing = avmService.getDirectoryListing(version, path);
|
|
for (String name : listing.keySet())
|
|
{
|
|
builder.append(recursiveList(basename + name, version, indent + 2, followLinks));
|
|
}
|
|
}
|
|
return builder.toString();
|
|
}
|
|
|
|
|
|
private static final String FILE_NAME = "fileForExport";
|
|
private static final String ROOT = "ROOT";
|
|
|
|
private void createStagingWithSnapshots(String storeName)
|
|
{
|
|
if (avmService.getStore(storeName) != null)
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
|
|
avmService.createStore(storeName);
|
|
assertNotNull(avmService.getStore(storeName));
|
|
|
|
avmService.createDirectory(storeName + ":/", JNDIConstants.DIR_DEFAULT_WWW);
|
|
avmService.createSnapshot(storeName, "first", "first");
|
|
assertNotNull(avmService.lookup(-1, storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW));
|
|
avmService.createDirectory(storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW, JNDIConstants.DIR_DEFAULT_APPBASE);
|
|
avmService.createSnapshot(storeName, "second", "second");
|
|
assertNotNull(avmService.lookup(-1, storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW + "/" + JNDIConstants.DIR_DEFAULT_APPBASE));
|
|
avmService.createDirectory(storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW + "/" + JNDIConstants.DIR_DEFAULT_APPBASE, ROOT);
|
|
avmService.createSnapshot(storeName, "third", "third");
|
|
assertNotNull(avmService.lookup(-1, storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW + "/" + JNDIConstants.DIR_DEFAULT_APPBASE + "/" + ROOT));
|
|
avmService.createFile(storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW + "/" + JNDIConstants.DIR_DEFAULT_APPBASE + "/" + ROOT, FILE_NAME);
|
|
avmService.createSnapshot(storeName, "fourth", "fourth");
|
|
assertNotNull(avmService.lookup(-1, storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW + "/" + JNDIConstants.DIR_DEFAULT_APPBASE + "/" + ROOT + "/" + FILE_NAME));
|
|
|
|
}
|
|
|
|
private void removeStore(String storeName)
|
|
{
|
|
if (avmService.getStore(storeName) != null)
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
assertNull(avmService.getStore(storeName));
|
|
}
|
|
|
|
public void testSetInheritParentPermissions() throws Exception
|
|
{
|
|
runAs(AuthenticationUtil.getAdminUserName());
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
createStagingWithSnapshots(storeName);
|
|
|
|
AVMNodeDescriptor nodeDescriptor = avmService.lookup(-1, storeName + ":/" + JNDIConstants.DIR_DEFAULT_WWW + "/" + JNDIConstants.DIR_DEFAULT_APPBASE + "/" + ROOT + "/"
|
|
+ FILE_NAME);
|
|
assertNotNull(nodeDescriptor);
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, nodeDescriptor.getPath());
|
|
assertNotNull(nodeRef);
|
|
|
|
permissionService.setInheritParentPermissions(nodeRef, false);
|
|
assertFalse(permissionService.getInheritParentPermissions(nodeRef));
|
|
permissionService.setInheritParentPermissions(nodeRef, true);
|
|
assertTrue(permissionService.getInheritParentPermissions(nodeRef));
|
|
}
|
|
catch (Exception e)
|
|
{
|
|
e.printStackTrace();
|
|
throw e;
|
|
}
|
|
finally
|
|
{
|
|
removeStore(storeName);
|
|
}
|
|
}
|
|
}
|