mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-06-16 17:55:15 +00:00
e438c81d27
AVM folder diff (r9383-r9503) git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@9545 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
3839 lines
232 KiB
Java
3839 lines
232 KiB
Java
/*
|
|
* Copyright (C) 2005-2008 Alfresco Software Limited.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version 2
|
|
* of the License, or (at your option) any later version.
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
* As a special exception to the terms and conditions of version 2.0 of
|
|
* the GPL, you may redistribute this Program in connection with Free/Libre
|
|
* and Open Source Software ("FLOSS") applications as described in Alfresco's
|
|
* FLOSS exception. You should have recieved a copy of the text describing
|
|
* the FLOSS exception, and it is also available here:
|
|
* http://www.alfresco.com/legal/licensing"
|
|
*/
|
|
|
|
package org.alfresco.repo.avm;
|
|
|
|
import java.io.Serializable;
|
|
import java.util.Date;
|
|
import java.util.HashMap;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
import java.util.Set;
|
|
|
|
import javax.transaction.UserTransaction;
|
|
|
|
import junit.framework.TestCase;
|
|
|
|
import org.alfresco.model.ContentModel;
|
|
import org.alfresco.repo.domain.AccessControlListDAO;
|
|
import org.alfresco.repo.domain.DbAccessControlList;
|
|
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
|
import org.alfresco.repo.security.authentication.MutableAuthenticationDao;
|
|
import org.alfresco.repo.security.permissions.PermissionReference;
|
|
import org.alfresco.repo.security.permissions.PermissionServiceSPI;
|
|
import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
|
|
import org.alfresco.repo.security.permissions.impl.ModelDAO;
|
|
import org.alfresco.service.ServiceRegistry;
|
|
import org.alfresco.service.cmr.avm.AVMNodeDescriptor;
|
|
import org.alfresco.service.cmr.avm.AVMService;
|
|
import org.alfresco.service.cmr.avmsync.AVMDifference;
|
|
import org.alfresco.service.cmr.avmsync.AVMSyncService;
|
|
import org.alfresco.service.cmr.dictionary.DictionaryService;
|
|
import org.alfresco.service.cmr.repository.NodeRef;
|
|
import org.alfresco.service.cmr.repository.NodeService;
|
|
import org.alfresco.service.cmr.repository.StoreRef;
|
|
import org.alfresco.service.cmr.security.AccessPermission;
|
|
import org.alfresco.service.cmr.security.AccessStatus;
|
|
import org.alfresco.service.cmr.security.AuthenticationService;
|
|
import org.alfresco.service.cmr.security.AuthorityService;
|
|
import org.alfresco.service.cmr.security.PermissionService;
|
|
import org.alfresco.service.cmr.security.PersonService;
|
|
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
|
import org.alfresco.service.namespace.NamespaceService;
|
|
import org.alfresco.service.namespace.QName;
|
|
import org.alfresco.service.transaction.TransactionService;
|
|
import org.alfresco.util.ApplicationContextHelper;
|
|
import org.springframework.context.ApplicationContext;
|
|
import org.springframework.orm.hibernate3.LocalSessionFactoryBean;
|
|
|
|
/**
|
|
* Specifically test AVM permissions with the updated ACL schema
|
|
*
|
|
* @author andyh
|
|
*/
|
|
public class AVMServicePermissionsTest extends TestCase
|
|
{
|
|
private static ApplicationContext applicationContext = ApplicationContextHelper.getApplicationContext();
|
|
|
|
protected NodeService nodeService;
|
|
|
|
protected DictionaryService dictionaryService;
|
|
|
|
protected PermissionServiceSPI permissionService;
|
|
|
|
protected AuthenticationService authenticationService;
|
|
|
|
private MutableAuthenticationDao authenticationDAO;
|
|
|
|
protected LocalSessionFactoryBean sessionFactory;
|
|
|
|
protected NodeRef rootNodeRef;
|
|
|
|
protected NamespacePrefixResolver namespacePrefixResolver;
|
|
|
|
protected ServiceRegistry serviceRegistry;
|
|
|
|
protected NodeRef systemNodeRef;
|
|
|
|
protected AuthenticationComponent authenticationComponent;
|
|
|
|
protected ModelDAO permissionModelDAO;
|
|
|
|
protected PersonService personService;
|
|
|
|
protected AuthorityService authorityService;
|
|
|
|
private AclDaoComponent aclDaoComponent;
|
|
|
|
private UserTransaction testTX;
|
|
|
|
private TransactionService transactionService;
|
|
|
|
private AVMService avmService;
|
|
|
|
private AccessControlListDAO avmACLDAO;
|
|
|
|
private AVMNodeDAO avmNodeDAO;
|
|
|
|
private AVMSyncService avmSyncService;
|
|
|
|
public AVMServicePermissionsTest()
|
|
{
|
|
super();
|
|
}
|
|
|
|
public void setUp() throws Exception
|
|
{
|
|
avmNodeDAO = (AVMNodeDAO) applicationContext.getBean("avmNodeDAO");
|
|
|
|
avmACLDAO = (AccessControlListDAO) applicationContext.getBean("avmACLDAO");
|
|
|
|
aclDaoComponent = (AclDaoComponent) applicationContext.getBean("aclDaoComponent");
|
|
avmService = (AVMService) applicationContext.getBean("avmService");
|
|
avmSyncService = (AVMSyncService) applicationContext.getBean("AVMSyncService");
|
|
|
|
nodeService = (NodeService) applicationContext.getBean("nodeService");
|
|
dictionaryService = (DictionaryService) applicationContext.getBean(ServiceRegistry.DICTIONARY_SERVICE.getLocalName());
|
|
permissionService = (PermissionServiceSPI) applicationContext.getBean("permissionService");
|
|
namespacePrefixResolver = (NamespacePrefixResolver) applicationContext.getBean(ServiceRegistry.NAMESPACE_SERVICE.getLocalName());
|
|
authenticationService = (AuthenticationService) applicationContext.getBean("authenticationService");
|
|
authenticationComponent = (AuthenticationComponent) applicationContext.getBean("authenticationComponent");
|
|
serviceRegistry = (ServiceRegistry) applicationContext.getBean(ServiceRegistry.SERVICE_REGISTRY);
|
|
permissionModelDAO = (ModelDAO) applicationContext.getBean("permissionsModelDAO");
|
|
personService = (PersonService) applicationContext.getBean("personService");
|
|
authorityService = (AuthorityService) applicationContext.getBean("authorityService");
|
|
|
|
authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());
|
|
authenticationDAO = (MutableAuthenticationDao) applicationContext.getBean("authenticationDao");
|
|
transactionService = (TransactionService) applicationContext.getBean("transactionComponent");
|
|
|
|
testTX = transactionService.getUserTransaction();
|
|
testTX.begin();
|
|
this.authenticationComponent.setSystemUserAsCurrentUser();
|
|
|
|
StoreRef storeRef = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.nanoTime());
|
|
rootNodeRef = nodeService.getRootNode(storeRef);
|
|
|
|
QName children = ContentModel.ASSOC_CHILDREN;
|
|
QName system = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "system");
|
|
QName container = ContentModel.TYPE_CONTAINER;
|
|
QName types = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "people");
|
|
|
|
systemNodeRef = nodeService.createNode(rootNodeRef, children, system, container).getChildRef();
|
|
NodeRef typesNodeRef = nodeService.createNode(systemNodeRef, children, types, container).getChildRef();
|
|
Map<QName, Serializable> props = createPersonProperties("andy");
|
|
nodeService.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props).getChildRef();
|
|
props = createPersonProperties("lemur");
|
|
nodeService.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props).getChildRef();
|
|
|
|
// create an authentication object e.g. the user
|
|
if (authenticationDAO.userExists("andy"))
|
|
{
|
|
authenticationService.deleteAuthentication("andy");
|
|
}
|
|
authenticationService.createAuthentication("andy", "andy".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("lemur"))
|
|
{
|
|
authenticationService.deleteAuthentication("lemur");
|
|
}
|
|
authenticationService.createAuthentication("lemur", "lemur".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("admin"))
|
|
{
|
|
authenticationService.deleteAuthentication("admin");
|
|
}
|
|
authenticationService.createAuthentication("admin", "admin".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("manager"))
|
|
{
|
|
authenticationService.deleteAuthentication("manager");
|
|
}
|
|
authenticationService.createAuthentication("manager", "manager".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("publisher"))
|
|
{
|
|
authenticationService.deleteAuthentication("publisher");
|
|
}
|
|
authenticationService.createAuthentication("publisher", "publisher".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("contributor"))
|
|
{
|
|
authenticationService.deleteAuthentication("contributor");
|
|
}
|
|
authenticationService.createAuthentication("contributor", "contributor".toCharArray());
|
|
|
|
if (authenticationDAO.userExists("reviewer"))
|
|
{
|
|
authenticationService.deleteAuthentication("reviewer");
|
|
}
|
|
authenticationService.createAuthentication("reviewer", "reviewer".toCharArray());
|
|
|
|
authenticationComponent.clearCurrentSecurityContext();
|
|
}
|
|
|
|
protected void tearDown() throws Exception
|
|
{
|
|
|
|
try
|
|
{
|
|
testTX.commit();
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
}
|
|
finally
|
|
{
|
|
AuthenticationUtil.clearCurrentSecurityContext();
|
|
super.tearDown();
|
|
}
|
|
}
|
|
|
|
protected void runAs(String userName)
|
|
{
|
|
authenticationService.authenticate(userName, userName.toCharArray());
|
|
assertNotNull(authenticationService.getCurrentUserName());
|
|
// for(GrantedAuthority authority : woof.getAuthorities())
|
|
// {
|
|
// System.out.println("Auth = "+authority.getAuthority());
|
|
// }
|
|
|
|
}
|
|
|
|
private Map<QName, Serializable> createPersonProperties(String userName)
|
|
{
|
|
HashMap<QName, Serializable> properties = new HashMap<QName, Serializable>();
|
|
properties.put(ContentModel.PROP_USERNAME, userName);
|
|
return properties;
|
|
}
|
|
|
|
protected PermissionReference getPermission(String permission)
|
|
{
|
|
return permissionModelDAO.getPermissionReference(null, permission);
|
|
}
|
|
|
|
private void buildBaseStructure(String base)
|
|
{
|
|
avmService.createStore(base);
|
|
avmService.createDirectory(base + ":/", "base");
|
|
avmService.createDirectory(base + ":/base", "d-a");
|
|
avmService.createDirectory(base + ":/base/d-a", "d-aa");
|
|
avmService.createDirectory(base + ":/base/d-a", "d-ab");
|
|
avmService.createDirectory(base + ":/base/d-a", "d-ac");
|
|
avmService.createFile(base + ":/base/d-a", "f-aa");
|
|
avmService.createDirectory(base + ":/base", "d-b");
|
|
avmService.createDirectory(base + ":/base/d-b", "d-ba");
|
|
avmService.createDirectory(base + ":/base/d-b", "d-bb");
|
|
avmService.createDirectory(base + ":/base/d-b", "d-bc");
|
|
avmService.createFile(base + ":/base/d-b", "f-ba");
|
|
avmService.createDirectory(base + ":/base", "d-c");
|
|
avmService.createDirectory(base + ":/base/d-c", "d-ca");
|
|
avmService.createDirectory(base + ":/base/d-c", "d-cb");
|
|
avmService.createDirectory(base + ":/base/d-c", "d-cc");
|
|
avmService.createFile(base + ":/base/d-c", "f-ca");
|
|
avmService.createFile(base + ":/base", "f-a");
|
|
|
|
avmService.createDirectory(base + ":/base", "d-d");
|
|
avmService.createLayeredDirectory(base + ":/base/d-a", base + ":/base/d-d", "layer-d-a");
|
|
avmService.createLayeredDirectory(base + ":/base/d-b", base + ":/base/d-d", "layer-d-b");
|
|
avmService.createLayeredDirectory(base + ":/base/d-c", base + ":/base/d-d", "layer-d-c");
|
|
avmService.createLayeredFile(base + ":/base/f-a", base + ":/base/d-d", "layer-fa");
|
|
|
|
avmService.createLayeredDirectory(base + ":/base", base + ":/", "layer");
|
|
|
|
String layeredStore1 = base + "-layer-base";
|
|
avmService.createStore(layeredStore1);
|
|
avmService.createLayeredDirectory(base + ":/base", layeredStore1 + ":/", "layer-to-base");
|
|
|
|
String layeredStore2 = base + "-layer-a";
|
|
avmService.createStore(layeredStore2);
|
|
avmService.createLayeredDirectory(base + ":/base/d-a", layeredStore2 + ":/", "layer-to-d-a");
|
|
|
|
String layeredStore3 = base + "-layer-b";
|
|
avmService.createStore(layeredStore3);
|
|
avmService.createLayeredDirectory(base + ":/base/d-b", layeredStore3 + ":/", "layer-to-d-b");
|
|
|
|
String layeredStore4 = base + "-layer-c";
|
|
avmService.createStore(layeredStore4);
|
|
avmService.createLayeredDirectory(base + ":/base/d-c", layeredStore4 + ":/", "layer-to-d-c");
|
|
|
|
String layeredStore5 = base + "-layer-d";
|
|
avmService.createStore(layeredStore5);
|
|
avmService.createLayeredDirectory(base + ":/base/d-d", layeredStore5 + ":/", "layer-to-d-d");
|
|
|
|
String layeredStore6 = base + "-layer-layer-base";
|
|
avmService.createStore(layeredStore6);
|
|
avmService.createLayeredDirectory(layeredStore1 + ":/layer-to-base", layeredStore6 + ":/", "layer-to-layer-to-base");
|
|
|
|
String layeredStore7 = base + "-layer-layer-layer-base";
|
|
avmService.createStore(layeredStore7);
|
|
avmService.createLayeredDirectory(layeredStore6 + ":/layer-to-layer-to-base", layeredStore7 + ":/", "layer-to-layer-to-layer-to-base");
|
|
}
|
|
|
|
private boolean checkPermission(String user, String path, String permission, boolean allowed)
|
|
{
|
|
String curentUser = AuthenticationUtil.getCurrentUserName();
|
|
try
|
|
{
|
|
runAs(user);
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, path);
|
|
AVMStore store = AVMDAOs.Instance().fAVMStoreDAO.getByName(nodeRef.getStoreRef().getIdentifier());
|
|
boolean can = AVMRepository.GetInstance().can(store, node, permission);
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
private boolean checkCanPerformance(String user, String path, String permission, boolean allowed, int count)
|
|
{
|
|
String curentUser = AuthenticationUtil.getCurrentUserName();
|
|
try
|
|
{
|
|
runAs(user);
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, path);
|
|
AVMStore store = AVMDAOs.Instance().fAVMStoreDAO.getByName(nodeRef.getStoreRef().getIdentifier());
|
|
boolean can = AVMRepository.GetInstance().can(store, node, permission);
|
|
long start = System.nanoTime();
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
can = AVMRepository.GetInstance().can(null, node, permission);
|
|
}
|
|
long end = System.nanoTime();
|
|
System.out.println("Can in " + ((end - start) / 10e9f / count));
|
|
System.out.println("Can per second " + (1 / ((end - start) / 10e9f / count)));
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
private boolean checkHasPermissionsPerformance(String user, String path, String permission, boolean allowed, int count)
|
|
{
|
|
String curentUser = AuthenticationUtil.getCurrentUserName();
|
|
try
|
|
{
|
|
runAs(user);
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, path);
|
|
boolean can = permissionService.hasPermission(nodeRef, permission) == AccessStatus.ALLOWED;
|
|
long start = System.nanoTime();
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
can = permissionService.hasPermission(nodeRef, permission) == AccessStatus.ALLOWED;
|
|
}
|
|
long end = System.nanoTime();
|
|
System.out.println("Has Permission in " + ((end - start) / 10e9f / count));
|
|
System.out.println("Has Permission per second " + (1 / ((end - start) / 10e9f / count)));
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
public boolean checkHasPermission(String user, NodeRef nodeRef, String permission, boolean allowed)
|
|
{
|
|
String curentUser = AuthenticationUtil.getCurrentUserName();
|
|
try
|
|
{
|
|
runAs(user);
|
|
boolean can = permissionService.hasPermission(nodeRef, permission) == AccessStatus.ALLOWED;
|
|
return allowed ? can : !can;
|
|
}
|
|
finally
|
|
{
|
|
runAs(curentUser);
|
|
}
|
|
}
|
|
|
|
public void testStoreAcls() throws Exception
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
AVMNodeDescriptor nodeDesc = avmService.lookup(-1, storeName + ":/base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, nodeDesc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "andy", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.deletePermission(nodeRef.getStoreRef(), "andy", PermissionService.ALL_PERMISSIONS);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.deletePermissions(nodeRef.getStoreRef());
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "andy", PermissionService.ALL_PERMISSIONS, true);
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "andy", PermissionService.READ, true);
|
|
permissionService.setPermission(nodeRef.getStoreRef(), "lemur", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertEquals(permissionService.getAllSetPermissions(nodeRef.getStoreRef()).size(), 3);
|
|
|
|
permissionService.clearPermission(nodeRef.getStoreRef(), "andy");
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
assertEquals(permissionService.getAllSetPermissions(nodeRef.getStoreRef()).size(), 1);
|
|
|
|
permissionService.clearPermission(nodeRef.getStoreRef(), "lemur");
|
|
|
|
assertTrue(checkPermission("andy", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("andy", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkHasPermission("lemur", nodeRef, PermissionService.ALL_PERMISSIONS, false));
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.ALL_PERMISSIONS, true));
|
|
assertTrue(checkHasPermission("admin", nodeRef, PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
|
|
System.out.println(avmService.getStores());
|
|
}
|
|
|
|
}
|
|
|
|
public void testSimpleUpdate() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
avmService.createDirectory(storeName + "-layer-base:/layer-to-base", "update-dir");
|
|
avmService.createFile(storeName + "-layer-base:/layer-to-base/update-dir", "update-file").close();
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList acl = node.getAcl();
|
|
assertNotNull(acl);
|
|
acl = aclDaoComponent.getDbAccessControlList(aclDaoComponent.getInheritedAccessControlList(acl.getId()));
|
|
assertNotNull(acl);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(acl.getId(), fileAcl.getId());
|
|
|
|
avmService.createSnapshot(storeName, "store", "store");
|
|
avmService.createSnapshot(storeName + "-layer-base", "store", "store");
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, storeName + "-layer-base:/layer-to-base", -1, storeName + ":/base", null);
|
|
assertEquals(1, diffs.size());
|
|
assertEquals("["+storeName+"-layer-base:/layer-to-base/update-dir[-1] > "+storeName+":/base/update-dir[-1]]", diffs.toString());
|
|
avmSyncService.update(diffs, null, false, false, false, false, "A", "A");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNull(dirAcl);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNull(fileAcl);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNull(fileAcl);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testUpdateWithPermissions() throws Exception
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
AVMNodeDescriptor nodeDesc = avmService.lookup(-1, storeName + ":/base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, nodeDesc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Long baseAcl = avmNodeDAO.getByID(nodeDesc.getId()).getAcl().getId();
|
|
Long inheritedBaseAcl = aclDaoComponent.getInheritedAccessControlList(baseAcl);
|
|
|
|
avmService.createDirectory(storeName + "-layer-base:/layer-to-base", "update-dir");
|
|
avmService.createFile(storeName + "-layer-base:/layer-to-base/update-dir", "update-file").close();
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
AVMNode node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList acl = node.getAcl();
|
|
assertNotNull(acl);
|
|
acl = aclDaoComponent.getDbAccessControlList(aclDaoComponent.getInheritedAccessControlList(acl.getId()));
|
|
assertNotNull(acl);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(acl.getId(), fileAcl.getId());
|
|
|
|
avmService.createSnapshot(storeName, "store", "store");
|
|
avmService.createSnapshot(storeName + "-layer-base", "store", "store");
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, storeName + "-layer-base:/layer-to-base", -1, storeName + ":/base", null);
|
|
assertEquals(1, diffs.size());
|
|
assertEquals("["+storeName+"-layer-base:/layer-to-base/update-dir[-1] > "+storeName+":/base/update-dir[-1]]", diffs.toString());
|
|
avmSyncService.update(diffs, null, false, false, false, false, "A", "A");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(inheritedBaseAcl, dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(inheritedBaseAcl, fileAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
dirAcl = node.getAcl();
|
|
assertNotNull(dirAcl);
|
|
assertEquals(acl.getId(), dirAcl.getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
|
|
node = avmNodeDAO.getByID(desc.getId());
|
|
fileAcl = node.getAcl();
|
|
assertNotNull(fileAcl);
|
|
assertEquals(inheritedBaseAcl, fileAcl.getId());
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testComplexStore_AlterInheritance()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("admin", storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("admin", storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
// True as unset defaults to allow
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
permissionService.deletePermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS);
|
|
|
|
assertTrue(checkPermission("admin", storeName + ":/base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("admin", storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("admin", storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
// True as unset defaults to allow
|
|
assertTrue(checkPermission("lemur", storeName + ":/base", PermissionService.READ, false));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + "-layer-base:/layer-to-base", PermissionService.ALL_PERMISSIONS, true));
|
|
|
|
// performance
|
|
|
|
checkCanPerformance("lemur", storeName + ":/base", PermissionService.READ, false, 10000);
|
|
checkHasPermissionsPerformance("lemur", storeName + ":/base", PermissionService.READ, false, 10000);
|
|
|
|
String[] excludeL = new String[] { storeName + "-layer-base:/layer-to-base/d-d/layer-d-a" };
|
|
String[] excludeLL = new String[] { storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a" };
|
|
String[] excludeLLL = new String[] { storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a" };
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
excludeLL);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/d-a");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setInheritParentPermissions(nodeRef, false);
|
|
|
|
String[] excludeL2 = new String[] { storeName + "-layer-base:/layer-to-base/d-d/layer-d-a", storeName + "-layer-base:/layer-to-base/d-a" };
|
|
String[] excludeLL2 = new String[] { storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a", storeName + "-layer-layer-base:/layer-to-layer-to-base/d-a" };
|
|
String[] excludeLLL2 = new String[] { storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a",
|
|
storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-a" };
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, excludeL2);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
excludeLL2);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, excludeLLL2);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/d-a");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setInheritParentPermissions(nodeRef, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
excludeLL);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testComplexStore_AddPermissionsToMiddle()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + "-layer-a:/layer-to-d-a");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// debugPermissions(storeName + ":/base");
|
|
// debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
//
|
|
// DbAccessControlList acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// List<Long> nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
|
|
permissionService.setPermission(nodeRef, "loon", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
// debugPermissions(storeName + ":/base");
|
|
// debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
//
|
|
// acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
//
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
String[] excludeL = new String[] { storeName + "-layer-base:/layer-to-base/d-d/layer-d-a" };
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "loon", PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", "loon", PermissionService.ALL_PERMISSIONS, true, null);
|
|
String[] excludeLL = new String[] { storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a" };
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "loon", PermissionService.ALL_PERMISSIONS, true, excludeLL);
|
|
String[] excludeLLL = new String[] { storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a" };
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "loon", PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
debugPermissions(storeName + ":/base");
|
|
debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
|
|
// acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// // need to fix up inheritance as is has changed
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "monkey", PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", "monkey", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "monkey", PermissionService.ALL_PERMISSIONS, true, excludeLL);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "monkey", PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
debugPermissions(storeName + ":/base");
|
|
debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
|
|
// acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
// nodes = aclDaoComponent.getAvmNodesByACL(acl.getId());
|
|
// for (Long id : nodes)
|
|
// {
|
|
// // need to fix up inheritance as is has changed
|
|
// AVMNodeDescriptor layerDesc = new AVMNodeDescriptor(null, null, 0, null, null, null, 0, 0, 0, id, null,
|
|
// 0, null, 0, false, 0, false, 0, 0);
|
|
// List<Pair<Integer, String>> paths = avmService.getHeadPaths(layerDesc);
|
|
// for(Pair<Integer, String> path : paths)
|
|
// {
|
|
// NodeRef testRef = AVMNodeConverter.ToNodeRef(-1, path.getSecond());
|
|
// System.out.println("--> "+id +" "+path.getSecond()+ " "+path.getFirst()+ "
|
|
// "+avmACLDAO.getAccessControlList(testRef));
|
|
// }
|
|
// }
|
|
//
|
|
desc = avmService.lookup(-1, storeName + ":/base");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "base", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
debugPermissions(storeName + ":/base");
|
|
debugPermissions(storeName + "-layer-base:/layer-to-base");
|
|
checkHeadPermissionForPath(storeName + ":/base", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", "base", PermissionService.ALL_PERMISSIONS, true, excludeL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "base", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "base", PermissionService.ALL_PERMISSIONS, true, excludeLL);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "base", PermissionService.ALL_PERMISSIONS, true, excludeLLL);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
}
|
|
|
|
public void testComplexStore_AddPermissionsToBottom()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
buildBaseStructure(storeName);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/base");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
permissionService.setPermission(nodeRef, "squid", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "squid", PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
permissionService.deletePermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
permissionService.setPermission(nodeRef, "me", PermissionService.ALL_PERMISSIONS, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/base/d-a");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "lemon", PermissionService.READ, true);
|
|
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-a:/layer-to-d-a", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true,
|
|
null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", PermissionService.ALL_AUTHORITIES,
|
|
PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-b:/layer-to-d-b", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-c:/layer-to-d-c", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base", "me", PermissionService.ALL_PERMISSIONS, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + ":/base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + ":/base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + ":/base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-base:/layer-to-base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-base:/layer-to-base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + "-layer-a:/layer-to-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-b:/layer-to-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-c:/layer-to-d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-d:/layer-to-d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-d:/layer-to-d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-base:/layer-to-layer-to-base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-c", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-a", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-b", "lemon", PermissionService.READ, true, null);
|
|
checkHeadPermissionNotSetForPath(storeName + "-layer-layer-layer-base:/layer-to-layer-to-layer-to-base/d-d/layer-d-c", "lemon", PermissionService.READ, true, null);
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-a");
|
|
avmService.purgeStore(storeName + "-layer-b");
|
|
avmService.purgeStore(storeName + "-layer-c");
|
|
avmService.purgeStore(storeName + "-layer-d");
|
|
avmService.purgeStore(storeName + "-layer-layer-base");
|
|
avmService.purgeStore(storeName + "-layer-layer-layer-base");
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
* create directories & file in main
|
|
* set file permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleFilePermissionDiff() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
// create directories and file in main
|
|
System.out.println("create D: " + baseStore + ":/base");
|
|
avmService.createDirectory(baseStore + ":/", "base");
|
|
System.out.println("create D: " + baseStore + ":/base/d-a");
|
|
avmService.createDirectory(baseStore + ":/base", "d-a");
|
|
System.out.println("create F: " + baseStore + ":/base/d-a/f-aa");
|
|
avmService.createFile(baseStore + ":/base/d-a", "f-aa").close();
|
|
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer-to-base -> " + baseStore + ":/base");
|
|
avmService.createLayeredDirectory(baseStore + ":/base", layeredStore + ":/", "layer-to-base");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer-to-base/d-a/f-aa");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on file in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer-to-base/d-a/f-aa");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals("["+layeredStore+":/layer-to-base/d-a/f-aa[-1] > "+baseStore+":/base/d-a/f-aa[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer-to-base", baseStore + ":/base");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer-to-base", -1, baseStore + ":/base", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main & layer
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/base/d-a/f-aa");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer-to-base/d-a/f-aa");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that file in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in main
|
|
* set directory permission in main
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff0() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
// create directory in main
|
|
System.out.println("create D: " + baseStore + ":/d-a");
|
|
avmService.createDirectory(baseStore + ":/", "d-a");
|
|
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef baseNodeRef = AVMNodeConverter.ToNodeRef(-1, baseNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in main
|
|
System.out.println("set P (DELETE): " + baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(baseNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// update main from layer - NOOP
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// flatten - NOOP
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in main
|
|
* set directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff1() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
// create directory in main
|
|
System.out.println("create D: " + baseStore + ":/d-a");
|
|
avmService.createDirectory(baseStore + ":/", "d-a");
|
|
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff2() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
* set another directory permission in layer
|
|
* update back to main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff3() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// repeat with another directory permission
|
|
|
|
// set WRITE directory permission in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// update main from layer
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the WRITE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set directory permission in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* create file in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
* set another directory permission in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff4() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// create file in layer
|
|
System.out.println("create F: " + layeredStore + ":/layer/d-a/f-aa");
|
|
avmService.createFile(layeredStore + ":/layer/d-a", "f-aa").close();
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a/f-aa[-1] > "+baseStore+":/d-a/f-aa[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the DELETE permission is still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// set another directory permission
|
|
|
|
// set WRITE directory permission in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the WRITE permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set two directory permissions in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
* remove one of the directory permissions in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff5() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// set WRITE permission on directory in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// remove one of the directory permissions
|
|
|
|
// delete DELETE directory permission in layer
|
|
System.out.println("delete P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.deletePermission(layeredNodeRef, "andy", PermissionService.DELETE);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the DELETE permission is no longer set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE permission is still set in main (and appears in layer)
|
|
// check that the DELETE permission is not set in main (or layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* create directory in layer
|
|
* set two directory permissions in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
* remove one of the existing directory permissions in layer
|
|
* set a different directory permission in layer
|
|
* snapshot layer, update back to main, snapshot main
|
|
* flatten
|
|
*/
|
|
public void testSimpleDirectoryPermissionDiff6() throws Throwable
|
|
{
|
|
runAs("admin");
|
|
|
|
String baseStore = "main";
|
|
String layeredStore = "layer";
|
|
|
|
try
|
|
{
|
|
System.out.println("create store: " + baseStore);
|
|
avmService.createStore(baseStore);
|
|
|
|
System.out.println("create store: " + layeredStore);
|
|
avmService.createStore(layeredStore);
|
|
|
|
System.out.println("create LD: " + layeredStore + ":/layer -> " + baseStore + ":/");
|
|
avmService.createLayeredDirectory(baseStore + ":/", layeredStore + ":/", "layer");
|
|
|
|
// create directory in layer
|
|
System.out.println("create D: " + layeredStore + ":/layer/d-a");
|
|
avmService.createDirectory(layeredStore + ":/layer", "d-a");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
AVMNodeDescriptor layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
AVMNodeDescriptor baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
NodeRef layeredNodeRef = AVMNodeConverter.ToNodeRef(-1, layeredNodeDesc.getPath());
|
|
|
|
// set DELETE permission on directory in layer
|
|
System.out.println("set P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// set WRITE permission on directory in layer
|
|
System.out.println("set P (WRITE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
List<AVMDifference> diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE and DELETE permissions are still set in main (and appears in layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
|
|
// remove one of the directory permissions
|
|
|
|
// delete DELETE directory permission in layer
|
|
System.out.println("delete P (DELETE): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
permissionService.deletePermission(layeredNodeRef, "andy", PermissionService.DELETE);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// set READ permission on directory in layer
|
|
System.out.println("set P (READ): " + layeredStore + ":/layer/d-a");
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.READ, true);
|
|
permissionService.setPermission(layeredNodeRef, "andy", PermissionService.READ, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.READ, true);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals("["+layeredStore+":/layer/d-a[-1] > "+baseStore+":/d-a[-1]]", diffs.toString());
|
|
assertEquals(1, diffs.size());
|
|
|
|
// snapshot layer, update main from layer, snapshot main
|
|
System.out.println("snapshot: layer");
|
|
avmService.createSnapshot(layeredStore, null, null);
|
|
System.out.println("update: main from layer");
|
|
avmSyncService.update(diffs, null, false, false, false, false, null, null);
|
|
System.out.println("snapshot: main");
|
|
avmService.createSnapshot(baseStore, null, null);
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
// check that the DELETE permission is no longer set in main
|
|
// check that the READ permission is now set in main
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.READ, true);
|
|
|
|
// flatten
|
|
System.out.println("flatten: layer to main");
|
|
avmSyncService.flatten(layeredStore + ":/layer", baseStore + ":/");
|
|
|
|
recursiveList(baseStore);
|
|
recursiveList(layeredStore);
|
|
|
|
diffs = avmSyncService.compare(-1, layeredStore + ":/layer", -1, baseStore + ":/", null);
|
|
assertEquals(0, diffs.size());
|
|
|
|
// check that the WRITE & READ permissions are set in main (and appear in layer)
|
|
// check that the DELETE permission is not set in main (or layer)
|
|
baseNodeDesc = avmService.lookup(-1, baseStore + ":/d-a");
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(baseNodeDesc, "andy", PermissionService.READ, true);
|
|
checkHeadPermissionNotSet(baseNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
layeredNodeDesc = avmService.lookup(-1, layeredStore + ":/layer/d-a");
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermission(layeredNodeDesc, "andy", PermissionService.WRITE, true);
|
|
checkHeadPermissionNotSet(layeredNodeDesc, "andy", PermissionService.DELETE, true);
|
|
|
|
// check that directory in layer is the same as the one from main
|
|
assertEquals(baseNodeDesc, layeredNodeDesc);
|
|
}
|
|
catch (Throwable t)
|
|
{
|
|
t.printStackTrace();
|
|
throw t;
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(baseStore);
|
|
avmService.purgeStore(layeredStore);
|
|
}
|
|
}
|
|
|
|
private void checkHeadPermissionForPath(String path, String authority, String permission, boolean allow, String[] excludes)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
checkHeadPermission(desc, authority, permission, allow);
|
|
if (desc.isDirectory())
|
|
{
|
|
Map<String, AVMNodeDescriptor> children = avmService.getDirectoryListing(desc);
|
|
for (String child : children.keySet())
|
|
{
|
|
String newPath = path + "/" + child;
|
|
if (excludes != null)
|
|
{
|
|
for (String exclude : excludes)
|
|
{
|
|
if (newPath.startsWith(exclude))
|
|
{
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
checkHeadPermissionForPath(newPath, authority, permission, allow, excludes);
|
|
}
|
|
}
|
|
}
|
|
|
|
private void checkHeadPermissionNotSetForPath(String path, String authority, String permission, boolean allow, String[] excludes)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
checkHeadPermissionNotSet(desc, authority, permission, allow);
|
|
if (desc.isDirectory())
|
|
{
|
|
Map<String, AVMNodeDescriptor> children = avmService.getDirectoryListing(desc);
|
|
for (String child : children.keySet())
|
|
{
|
|
String newPath = path + "/" + child;
|
|
if (excludes != null)
|
|
{
|
|
for (String exclude : excludes)
|
|
{
|
|
if (newPath.startsWith(exclude))
|
|
{
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
checkHeadPermissionNotSetForPath(newPath, authority, permission, allow, excludes);
|
|
}
|
|
}
|
|
}
|
|
|
|
private void checkHeadPermissionForNode(String path, String authority, String permission, boolean allow)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
checkHeadPermission(desc, authority, permission, allow);
|
|
}
|
|
|
|
private void checkHeadPermissionNotSetForNode(String path, String authority, String permission, boolean allow)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
checkHeadPermissionNotSet(desc, authority, permission, allow);
|
|
}
|
|
|
|
private void checkHeadPermission(AVMNodeDescriptor desc, String authority, String permission, boolean allow)
|
|
{
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Set<AccessPermission> set = permissionService.getAllSetPermissions(nodeRef);
|
|
for (AccessPermission p : set)
|
|
{
|
|
if (p.getAuthority().equals(authority))
|
|
{
|
|
if (p.getPermission().equals(permission))
|
|
{
|
|
// debugPermissions(desc.getPath());
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
debugPermissions(desc.getPath());
|
|
fail("Permisssions not found at " + desc.getPath());
|
|
// System.err.println("Permisssions not found at "+desc.getPath());
|
|
}
|
|
|
|
private void checkHeadPermissionNotSet(AVMNodeDescriptor desc, String authority, String permission, boolean allow)
|
|
{
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Set<AccessPermission> set = permissionService.getAllSetPermissions(nodeRef);
|
|
for (AccessPermission p : set)
|
|
{
|
|
if (p.getAuthority().equals(authority))
|
|
{
|
|
if (p.getPermission().equals(permission))
|
|
{
|
|
debugPermissions(desc.getPath());
|
|
fail("Permisssions found at " + desc.getPath());
|
|
}
|
|
}
|
|
}
|
|
// debugPermissions(desc.getPath());
|
|
// fail("Permisssions not found at "+desc.getPath());
|
|
// System.err.println("Permisssions not found at "+desc.getPath());
|
|
}
|
|
|
|
public void testRedirectLayeredDirectory()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createFile(storeName + ":/www", "dog");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
avmService.createFile(storeName + ":/www/avm-web-apps", "cat");
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.READ, true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www", "Editor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www", "Editor", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentManager", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentManager", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentPublisher", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentPublisher", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentContributor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentContributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps", "ContentReviewer", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps", "ContentReviewer", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "publisher", "Collaborator", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Collaborator", true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Contributor", true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/dog", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/dog", "Editor", false));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/dog", "Editor", true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/dog", "Editor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/dog", "Editor", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "contributor", "Coordinator", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Contributor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Contributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Contributor", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/ROOT", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/ROOT", "Editor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/ROOT", "Editor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/ROOT", "Editor", true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/ROOT", "Editor", false));
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "reviewer", "Editor", true);
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", PermissionService.READ, true));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Coordinator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Coordinator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Collaborator", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Collaborator", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Contributor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Contributor", false));
|
|
assertTrue(checkPermission("lemur", storeName + ":/www/avm-web-apps/cat", "Editor", false));
|
|
assertTrue(checkPermission("manager", storeName + ":/www/avm-web-apps/cat", "Editor", true));
|
|
assertTrue(checkPermission("publisher", storeName + ":/www/avm-web-apps/cat", "Editor", false));
|
|
assertTrue(checkPermission("contributor", storeName + ":/www/avm-web-apps/cat", "Editor", false));
|
|
assertTrue(checkPermission("reviewer", storeName + ":/www/avm-web-apps/cat", "Editor", true));
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + ":/", "layer");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www/avm-web-apps");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", PermissionService.READ, true);
|
|
avmService.createDirectory(storeName + ":/layer", "l-d");
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "directory-monkey", PermissionService.READ, true);
|
|
avmService.createFile(storeName + ":/layer", "l-f");
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "file-monkey", PermissionService.READ, true);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
debugPermissions(storeName + ":/layer/avm-web-apps/cat");
|
|
|
|
// As we have set permissions on this node it has done COW and now defined its own permissions.
|
|
// Changing the target does not change the permissions just the content and locations
|
|
// Some underlying nodes have not been COWed - and so pick up underlygin changes
|
|
// - it is only layer and its direct children that will now hace fixed permissions.
|
|
// Joy all round
|
|
|
|
// Note copy on writed nodes will move taking context.... so cat appears in two places
|
|
// / over layed as cat .... and also as avm-web-apps from the previous copy on write and then move ....
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www/avm-web-apps");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
avmService.retargetLayeredDirectory(storeName + ":/layer", storeName + ":/www");
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-d");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/l-f");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/dog");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/cat");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testCopy()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Map<String, Integer> s1 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Map<String, Integer> s2 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
Map<String, Integer> s3 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
Map<String, Integer> s4 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
Map<String, Integer> s5 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
Map<String, Integer> s6 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
|
|
avmService.copy(-1, storeName + ":/www", storeName + ":/", "head");
|
|
desc = avmService.lookup(-1, storeName + ":/head");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/head/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.copy(s1.get(storeName), storeName + ":/www", storeName + ":/", "s1");
|
|
desc = avmService.lookup(-1, storeName + ":/s1");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
desc = avmService.lookup(-1, storeName + ":/s1/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
|
|
avmService.copy(s2.get(storeName), storeName + ":/www", storeName + ":/", "s2");
|
|
desc = avmService.lookup(-1, storeName + ":/s2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/s2/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.copy(s3.get(storeName), storeName + ":/www", storeName + ":/", "s3");
|
|
desc = avmService.lookup(-1, storeName + ":/s3");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/s3/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
|
|
avmService.copy(s4.get(storeName), storeName + ":/www", storeName + ":/", "s4");
|
|
desc = avmService.lookup(-1, storeName + ":/s4");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/s4/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.copy(s5.get(storeName), storeName + ":/www", storeName + ":/", "s5");
|
|
desc = avmService.lookup(-1, storeName + ":/s5");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/s5/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
avmService.copy(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.copy(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.copy(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testBranches()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
Map<String, Integer> s1 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
Map<String, Integer> s2 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
Map<String, Integer> s3 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
Map<String, Integer> s4 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
Map<String, Integer> s5 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
Map<String, Integer> s6 = avmService.createSnapshot(storeName, null, null);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
|
|
avmService.createBranch(-1, storeName + ":/www", storeName + ":/", "head");
|
|
desc = avmService.lookup(-1, storeName + ":/head");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/head/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.createBranch(s1.get(storeName), storeName + ":/www", storeName + ":/", "s1");
|
|
desc = avmService.lookup(-1, storeName + ":/s1");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
desc = avmService.lookup(-1, storeName + ":/s1/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 0);
|
|
|
|
avmService.createBranch(s2.get(storeName), storeName + ":/www", storeName + ":/", "s2");
|
|
desc = avmService.lookup(-1, storeName + ":/s2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
desc = avmService.lookup(-1, storeName + ":/s2/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createBranch(s3.get(storeName), storeName + ":/www", storeName + ":/", "s3");
|
|
desc = avmService.lookup(-1, storeName + ":/s3");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/s3/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
|
|
avmService.createBranch(s4.get(storeName), storeName + ":/www", storeName + ":/", "s4");
|
|
desc = avmService.lookup(-1, storeName + ":/s4");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/s4/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.createBranch(s5.get(storeName), storeName + ":/www", storeName + ":/", "s5");
|
|
desc = avmService.lookup(-1, storeName + ":/s5");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/s5/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
|
|
avmService.createBranch(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.createBranch(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "monkey", "ContentReviewer", true);
|
|
|
|
avmService.createBranch(s6.get(storeName), storeName + ":/www", storeName + ":/", "s6");
|
|
desc = avmService.lookup(-1, storeName + ":/s6");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
desc = avmService.lookup(-1, storeName + ":/s6/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Test the basic permission model where
|
|
*/
|
|
public void testSimpleExternalLayer() throws Exception
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
Long definingId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
String definingGuid = aclDaoComponent.getAccessControlListProperties(definingId).getAclId();
|
|
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(definingId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "directory");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "file");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// simple layer
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createSnapshot(storeName + "-a-", null, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions beneath and check they appear up
|
|
// Check version has not moved and the id is the same as they are in the same TX and will not have COWed
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// debugPermissionsut.println("BEFORE:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
|
|
testTX.commit();
|
|
testTX = transactionService.getUserTransaction();
|
|
testTX.begin();
|
|
|
|
permissionService.setPermission(nodeRef, "andy", "ContentReviewer", true);
|
|
|
|
// System.out.println("AFTER:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
|
|
Long newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
assertFalse(newId.equals(definingId));
|
|
assertEquals(definingGuid, aclDaoComponent.getAccessControlListProperties(newId).getAclId());
|
|
assertEquals(aclDaoComponent.getAccessControlListProperties(definingId).getAclVersion().longValue() + 1, aclDaoComponent.getAccessControlListProperties(newId)
|
|
.getAclVersion().longValue());
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions to the layer
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "bob", "ContentReviewer", true);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
|
|
}
|
|
}
|
|
|
|
public void testSimpleInternalLayer()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
Long definingId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
String definingGuid = aclDaoComponent.getAccessControlListProperties(definingId).getAclId();
|
|
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(definingId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "directory");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "file");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// simple layer
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + ":/", "layer");
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createSnapshot(storeName, null, null);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions beneath and check they appear up
|
|
// Check version has not moved and the id is the same as they are in the same TX and will not have COWed
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// System.out.println("BEFORE:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/layer");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
|
|
permissionService.setPermission(nodeRef, "andy", "ContentReviewer", true);
|
|
|
|
// System.out.println("AFTER:");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/layer");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
// debugPermissions(storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
|
|
Long newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
assertFalse(newId.equals(definingId));
|
|
assertEquals(definingGuid, aclDaoComponent.getAccessControlListProperties(newId).getAclId());
|
|
assertEquals(aclDaoComponent.getAccessControlListProperties(definingId).getAclVersion().longValue() + 1, aclDaoComponent.getAccessControlListProperties(newId)
|
|
.getAclVersion().longValue());
|
|
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
// Add permissions to the layer
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "bob", "ContentReviewer", true);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(newId, avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 6);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
newId = avmACLDAO.getAccessControlList(nodeRef).getId();
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/layer/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
assertEquals(aclDaoComponent.getInheritedAccessControlList(newId), avmACLDAO.getAccessControlList(nodeRef).getId());
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
private void debugPermissions(String path)
|
|
{
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, path);
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
DbAccessControlList acl = avmACLDAO.getAccessControlList(nodeRef);
|
|
System.out.println(path);
|
|
System.out.println("\t => Ind="
|
|
+ desc.getIndirection() + ",Deleted=" + desc.isDeleted() + ",LD=" + desc.isLayeredDirectory() + ",LF=" + desc.isLayeredFile() + ",PD=" + desc.isPlainDirectory()
|
|
+ ",PF=" + desc.isPlainFile() + ",Primary=" + desc.isPrimary());
|
|
System.out.println("\t => " + acl);
|
|
}
|
|
|
|
public void testMutationsWithSimpleLayers()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
avmService.createStore(storeName);
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
|
|
AVMNodeDescriptor desc = avmService.lookup(-1, storeName + ":/www");
|
|
NodeRef nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
|
|
// debugPermissions(storeName + ":/");
|
|
// /debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.ALL_PERMISSIONS, true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "manager", "ContentManager", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "publisher", "ContentPublisher", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "contributor", "ContentContributor", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
permissionService.setPermission(nodeRef, "reviewer", "ContentReviewer", true);
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
|
|
// System.out.println("Snapshot");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
|
|
// System.out.println("Layered");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "directory");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
// System.out.println("New Dir");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
avmService.createDirectory(storeName + "-a-:/www/avm-web-apps/ROOT", "directory2");
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/directory2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 5);
|
|
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
// System.out.println("Before Andy");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
permissionService.setPermission(nodeRef, "andy", "ContentReviewer", true);
|
|
// System.out.println("Before Lemur");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/directory");
|
|
permissionService.setPermission(nodeRef, "lemur", "ContentReviewer", true);
|
|
// System.out.println("After");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "bob", "ContentReviewer", true);
|
|
permissionService.setPermission(nodeRef, "jim", "ContentReviewer", true);
|
|
permissionService.setPermission(nodeRef, "dave", "ContentReviewer", true);
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "file");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/file");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
// TODO: Check this
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 7);
|
|
|
|
avmService.createFile(storeName + "-a-:/www/avm-web-apps/ROOT", "file2");
|
|
desc = avmService.lookup(-1, storeName + "-a-:/www/avm-web-apps/ROOT/file2");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 10);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainDirectory()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After One");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Two");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Three");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Four");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "test", storeName + ":/www/avm-web-apps/ROOT", "lemon");
|
|
// System.out.println("After Rename to lemon");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "lemon", storeName + ":/www/avm-web-apps", "orange");
|
|
// System.out.println("After move up and rename 1");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps", "orange", storeName + ":/www", "blue");
|
|
// System.out.println("After move up and rename 2");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/blue");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/blue");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainFile()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After One");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Two");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Three");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
// System.out.println("After Four");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "test", storeName + ":/www/avm-web-apps/ROOT", "lemon");
|
|
// System.out.println("After Rename to lemon");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/lemon");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps/ROOT", "lemon", storeName + ":/www/avm-web-apps", "orange");
|
|
// System.out.println("After move up and rename 1");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
|
|
avmService.rename(storeName + ":/www/avm-web-apps", "orange", storeName + ":/www", "blue");
|
|
// System.out.println("After move up and rename 2");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/blue");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/orange");
|
|
desc = avmService.lookup(-1, storeName + ":/www/blue");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainDirectoryIntoLayer()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
|
|
avmService.rename(storeName + "-a-:/www/avm-web-apps/ROOT", "test", storeName + "-a-:/www/avm-web-apps/ROOT", "banana");
|
|
// System.out.println("In Source");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
// System.out.println("In Layer");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/banana");
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
}
|
|
}
|
|
|
|
public void testRenamePlainFileIntoLayer()
|
|
{
|
|
runAs("admin");
|
|
String storeName = "PermissionsTest-" + getName() + "-" + (new Date().getTime());
|
|
try
|
|
{
|
|
AVMNodeDescriptor desc;
|
|
NodeRef nodeRef;
|
|
|
|
avmService.createStore(storeName);
|
|
|
|
avmService.createDirectory(storeName + ":/", "www");
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "one", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www", "avm-web-apps");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "two", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createDirectory(storeName + ":/www/avm-web-apps", "ROOT");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "three", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createFile(storeName + ":/www/avm-web-apps/ROOT", "test");
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT/test");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
permissionService.setPermission(nodeRef, "four", PermissionService.ALL_PERMISSIONS, true);
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 4);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps/ROOT");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 3);
|
|
desc = avmService.lookup(-1, storeName + ":/www/avm-web-apps");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 2);
|
|
desc = avmService.lookup(-1, storeName + ":/www");
|
|
nodeRef = AVMNodeConverter.ToNodeRef(-1, desc.getPath());
|
|
assertEquals(permissionService.getSetPermissions(nodeRef).getPermissionEntries().size(), 1);
|
|
|
|
avmService.createSnapshot(storeName, null, null);
|
|
avmService.createStore(storeName + "-a-");
|
|
avmService.createLayeredDirectory(storeName + ":/www", storeName + "-a-:/", "www");
|
|
|
|
avmService.rename(storeName + "-a-:/www/avm-web-apps/ROOT", "test", storeName + "-a-:/www/avm-web-apps/ROOT", "banana");
|
|
// System.out.println("File In Source");
|
|
// debugPermissions(storeName + ":/");
|
|
// debugPermissions(storeName + ":/www");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + ":/www/avm-web-apps/ROOT/test");
|
|
// System.out.println("File In Layer");
|
|
// debugPermissions(storeName + "-a-:/");
|
|
// debugPermissions(storeName + "-a-:/www");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT");
|
|
// debugPermissions(storeName + "-a-:/www/avm-web-apps/ROOT/banana");
|
|
}
|
|
finally
|
|
{
|
|
avmService.purgeStore(storeName);
|
|
avmService.purgeStore(storeName + "-a-");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Helper to write a recursive listing of latest version of an AVMStore.
|
|
* @param repoName The name of the AVMStore.
|
|
*/
|
|
protected void recursiveList(String store)
|
|
{
|
|
String list = recursiveList(store, -1, true);
|
|
System.out.println(store+":");
|
|
System.out.println(list);
|
|
}
|
|
|
|
/**
|
|
* Helper to write a recursive listing of an AVMStore at a given version.
|
|
* @param repoName The name of the AVMStore.
|
|
* @param version The version to look under.
|
|
*/
|
|
protected String recursiveList(String repoName, int version, boolean followLinks)
|
|
{
|
|
return recursiveList(repoName + ":/", version, 0, followLinks);
|
|
}
|
|
|
|
/**
|
|
* Recursive list the given path.
|
|
* @param path The path.
|
|
* @param version The version.
|
|
* @param indent The current indent level.
|
|
*/
|
|
protected String recursiveList(String path, int version, int indent, boolean followLinks)
|
|
{
|
|
StringBuilder builder = new StringBuilder();
|
|
for (int i = 0; i < indent; i++)
|
|
{
|
|
builder.append(' ');
|
|
}
|
|
builder.append(path.substring(path.lastIndexOf('/') + 1));
|
|
builder.append(' ');
|
|
AVMNodeDescriptor desc = avmService.lookup(version, path, true);
|
|
builder.append(desc.toString());
|
|
builder.append(" - ");
|
|
|
|
AVMNode layeredNode = avmNodeDAO.getByID(desc.getId());
|
|
DbAccessControlList acl = layeredNode.getAcl();
|
|
builder.append(acl);
|
|
|
|
builder.append('\n');
|
|
if (desc.getType() == AVMNodeType.PLAIN_DIRECTORY ||
|
|
(desc.getType() == AVMNodeType.LAYERED_DIRECTORY && followLinks))
|
|
{
|
|
String basename = path.endsWith("/") ? path : path + "/";
|
|
Map<String, AVMNodeDescriptor> listing = avmService.getDirectoryListing(version, path);
|
|
for (String name : listing.keySet())
|
|
{
|
|
builder.append(recursiveList(basename + name, version, indent + 2, followLinks));
|
|
}
|
|
}
|
|
return builder.toString();
|
|
}
|
|
}
|