Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntriesTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntriesTest.java (revision ) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntriesTest.java (revision ) @@ -0,0 +1,166 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import java.lang.reflect.Field; +import java.util.Collection; +import java.util.Map; +import javax.annotation.Nonnull; + +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; +import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionPattern; +import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits; +import org.junit.Test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; + +public class PrincipalPermissionEntriesTest { + + private final PermissionEntry permissionEntry = new PermissionEntry("/path", true, 0, PrivilegeBits.BUILT_IN.get(PrivilegeBits.JCR_READ), RestrictionPattern.EMPTY); + + @Test + public void testExpectedSize() throws Exception { + assertEquals(Long.MAX_VALUE, inspectExpectedSize(new PrincipalPermissionEntries())); + assertEquals(1, inspectExpectedSize(new PrincipalPermissionEntries(1))); + } + + @Test + public void testGetEntriesUponCreation() { + assertTrue(new PrincipalPermissionEntries(1).getEntries().isEmpty()); + assertTrue(new PrincipalPermissionEntries().getEntries().isEmpty()); + } + + @Test + public void testGetEntriesByPathUponCreation() { + assertNull(new PrincipalPermissionEntries(1).getEntriesByPath("/path")); + assertNull(new PrincipalPermissionEntries().getEntriesByPath("/path")); + } + + @Test + public void testIsFullyLoadedUponCreation() { + assertFalse(new PrincipalPermissionEntries(0).isFullyLoaded()); + assertFalse(new PrincipalPermissionEntries(1).isFullyLoaded()); + assertFalse(new PrincipalPermissionEntries().isFullyLoaded()); + } + + @Test + public void testSetFullyLoaded() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(1); + ppe.setFullyLoaded(true); + + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testSetFullyLoadedNoExpectedSize() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(); + ppe.setFullyLoaded(true); + + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testPutAllEntriesSetsFullyLoadedIgnoresExpectedSize() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(1); + ppe.putAllEntries(ImmutableMap.of()); + + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testPutAllEntriesSetsFullyLoaded() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(1); + ppe.putAllEntries(ImmutableMap.of("/path", ImmutableSet.of(permissionEntry))); + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testPutAllEntriesWithoutExpectedSizeSetsFullyLoaded() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(); + ppe.putAllEntries(ImmutableMap.of("/path", ImmutableSet.of(permissionEntry))); + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testPutAllEntries() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(); + + Map> allEntries = ImmutableMap.of("/path", ImmutableSet.of(permissionEntry)); + ppe.putAllEntries(allEntries); + + assertEquals(allEntries, ppe.getEntries()); + } + + @Test + public void testPutEntriesByPathSetsFullyLoaded() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(1); + ppe.putEntriesByPath("/path", ImmutableSet.of(permissionEntry)); + + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testPutEntriesByPathExceedingExpectedSizeSetsFullyLoaded() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(1); + Collection collection = ImmutableSet.of(permissionEntry); + ppe.putEntriesByPath("/path", collection); + ppe.putEntriesByPath("/path2", collection); + + assertTrue(ppe.isFullyLoaded()); + } + + @Test + public void testPutEntriesByPathNotReachingExpectedSize() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(2); + ppe.putEntriesByPath("/path", ImmutableSet.of(permissionEntry)); + + assertFalse(ppe.isFullyLoaded()); + } + + @Test + public void testPutEntriesByPath() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(2); + ppe.putEntriesByPath("/path", ImmutableSet.of(permissionEntry)); + + assertEquals(1, ppe.getEntries().size()); + } + + @Test + public void testGetEntriesByPath() { + PrincipalPermissionEntries ppe = new PrincipalPermissionEntries(2); + Collection collection = ImmutableSet.of(permissionEntry); + Map> allEntries = + ImmutableMap.of("/path", collection, "/path2", collection); + + ppe.putAllEntries(allEntries); + + assertEquals(collection, ppe.getEntriesByPath("/path")); + assertEquals(collection, ppe.getEntriesByPath("/path2")); + assertNull(ppe.getEntriesByPath("/nonExisting")); + } + + private static final long inspectExpectedSize(@Nonnull PrincipalPermissionEntries ppe) throws Exception { + Field f = PrincipalPermissionEntries.class.getDeclaredField("expectedSize"); + f.setAccessible(true); + + return (long) f.get(ppe); + } +} Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionStoreTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionStoreTest.java (revision 1830726) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionStoreTest.java (revision ) @@ -46,6 +46,8 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; +import static org.mockito.Matchers.anyLong; +import static org.mockito.Matchers.anyString; import static org.mockito.Mockito.when; public class MountPermissionStoreTest extends AbstractSecurityTest { @@ -114,14 +116,14 @@ @Test public void testLoadByAccessControlledPath() { - Collection entries = permissionStore.load(null, EveryonePrincipal.NAME, CONTENT_PATH); + Collection entries = permissionStore.load(EveryonePrincipal.NAME, CONTENT_PATH); assertNotNull(entries); assertEquals(1, entries.size()); } @Test public void testLoadByNonAccessControlledPath() { - Collection entries = permissionStore.load(null, EveryonePrincipal.NAME, TEST_PATH); + Collection entries = permissionStore.load(EveryonePrincipal.NAME, TEST_PATH); assertNull(entries); } @@ -143,22 +145,36 @@ @Test public void testGetNumEntries() { - assertEquals(2, permissionStore.getNumEntries(EveryonePrincipal.NAME, 10)); + assertEquals(2, permissionStore.getNumEntries(EveryonePrincipal.NAME, 10).size); } + @Test + public void testGetNumEntriesMaxReachedExact() throws Exception { + PermissionStoreImpl mock = insertMockStore(); + when(mock.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.valueOf(2, true)); + NumEntries ne = permissionStore.getNumEntries(EveryonePrincipal.NAME, 10); + assertEquals(NumEntries.valueOf(4, true), ne); + + ne = permissionStore.getNumEntries(EveryonePrincipal.NAME, 2); + assertEquals(NumEntries.valueOf(4, true), ne); + } + @Test - public void testGetNumEntriesMaxReached() throws Exception { + public void testGetNumEntriesMaxReachedNotExact() throws Exception { PermissionStoreImpl mock = insertMockStore(); - when(mock.getNumEntries(EveryonePrincipal.NAME, Long.valueOf(10))).thenReturn(Long.valueOf(2)); + when(mock.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.valueOf(2, false)); - assertEquals(4, permissionStore.getNumEntries(EveryonePrincipal.NAME, 10)); - assertEquals(2, permissionStore.getNumEntries(EveryonePrincipal.NAME, 2)); + NumEntries ne = permissionStore.getNumEntries(EveryonePrincipal.NAME, 10); + assertEquals(NumEntries.valueOf(4, false), ne); + + ne = permissionStore.getNumEntries(EveryonePrincipal.NAME, 2); + assertEquals(NumEntries.valueOf(2, false), ne); } @Test public void testGetNumEntriesUnknownPrincipalName() { - assertEquals(0, permissionStore.getNumEntries("unknown", 10)); + assertEquals(0, permissionStore.getNumEntries("unknown", 10).size); } @Test @@ -176,7 +192,7 @@ PermissionStoreImpl mock = Mockito.mock(PermissionStoreImpl.class); List stores = (List) f.get(permissionStore); - stores.add(mock); + stores.add(0, mock); return mock; } } \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCacheTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCacheTest.java (revision ) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCacheTest.java (revision ) @@ -0,0 +1,218 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import java.lang.reflect.Field; +import java.util.Collection; +import java.util.Map; +import java.util.TreeSet; +import javax.annotation.Nonnull; + +import com.google.common.collect.Sets; +import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionPattern; +import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits; +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mockito; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertSame; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.when; + +public class PermissionEntryCacheTest { + + private PermissionEntryCache cache = new PermissionEntryCache(); + + private PermissionEntry permissionEntry; + private PrincipalPermissionEntries ppe; + private PermissionStore store; + + @Before + public void before() { + permissionEntry = new PermissionEntry("/path", true, 0, PrivilegeBits.BUILT_IN.get(PrivilegeBits.JCR_READ), RestrictionPattern.EMPTY); + ppe = new PrincipalPermissionEntries(); + ppe.putEntriesByPath("/path", Sets.newHashSet(permissionEntry)); + + store = Mockito.mock(PermissionStore.class); + + } + + private PrincipalPermissionEntries getPrincipalPermissionEntries(boolean fullyLoaded) { + ppe.setFullyLoaded(fullyLoaded); + return ppe; + } + + @Test + public void testMissingInit() throws Exception { + Map entries = inspectEntries(cache); + assertNotNull(entries); + assertTrue(entries.isEmpty()); + } + + @Test + public void testInit() throws Exception { + cache.init("a", 5); + + PrincipalPermissionEntries entries = inspectEntries(cache, "a"); + assertNotNull(entries); + assertFalse(entries.isFullyLoaded()); + assertEquals(0, entries.getSize()); + + entries = inspectEntries(cache, "notInitialized"); + assertNull(entries); + } + + @Test + public void testLoadMissingInit() throws Exception { + PrincipalPermissionEntries ppeA = getPrincipalPermissionEntries(true); + + when(store.load("a")).thenReturn(ppeA); + + Collection result = new TreeSet(); + cache.load(store, result, "a", "/path"); + + assertTrue(result.isEmpty()); + } + + @Test + public void testLoadNotComplete() throws Exception { + cache.init("a", Long.MAX_VALUE); + + Collection entries = Sets.newHashSet(permissionEntry); + when(store.load("a", "/path")).thenReturn(entries); + + Collection result = Sets.newHashSet(); + cache.load(store, result, "a", "/path"); + + assertEquals(entries, result); + + PrincipalPermissionEntries inspectedEntries = inspectEntries(cache, "a"); + assertFalse(inspectedEntries.isFullyLoaded()); + + // requesting the entries again must NOT hit the store + when(store.load("a", "/path")).thenThrow(IllegalStateException.class); + + result.clear(); + cache.load(store, result, "a", "/path"); + + assertEquals(entries, result); + } + + @Test + public void testLoadCompleted() throws Exception { + cache.init("a", 1); + + Collection entries = Sets.newHashSet(permissionEntry); + when(store.load("a", "/path")).thenReturn(entries); + + Collection result = Sets.newHashSet(); + cache.load(store, result, "a", "/path"); + + assertEquals(entries, result); + + PrincipalPermissionEntries inspectedEntries = inspectEntries(cache, "a"); + assertTrue(inspectedEntries.isFullyLoaded()); + + // requesting the entries again must NOT hit the store + when(store.load("a", "/path")).thenThrow(IllegalStateException.class); + + result.clear(); + cache.load(store, result, "a", "/path"); + + assertEquals(entries, result); + } + + @Test + public void testLoadNonExistingNotComplete() throws Exception { + cache.init("a", Long.MAX_VALUE); + + when(store.load("a", "/path")).thenReturn(null); + + Collection result = Sets.newHashSet(); + cache.load(store, result, "a", "/path"); + + assertTrue(result.isEmpty()); + + PrincipalPermissionEntries inspectedEntries = inspectEntries(cache, "a"); + assertFalse(inspectedEntries.isFullyLoaded()); + + // requesting the entries again must NOT hit the store + when(store.load("a", "/path")).thenThrow(IllegalStateException.class); + + result.clear(); + cache.load(store, result, "a", "/path"); + + assertTrue(result.isEmpty()); + } + + @Test + public void testLoadNonExistingCompleted() throws Exception { + cache.init("a", 0); + when(store.load("a", "/path")).thenReturn(null); + + Collection result = Sets.newHashSet(); + cache.load(store, result, "a", "/path"); + + assertTrue(result.isEmpty()); + + PrincipalPermissionEntries inspectedEntries = inspectEntries(cache, "a"); + assertTrue(inspectedEntries.isFullyLoaded()); + + // requesting the entries again must NOT hit the store + when(store.load("a", "/path")).thenThrow(IllegalStateException.class); + + result.clear(); + cache.load(store, result, "a", "/path"); + + assertTrue(result.isEmpty()); + } + + + @Test + public void testGetFullyLoadedEntries() throws Exception { + PrincipalPermissionEntries ppeA = getPrincipalPermissionEntries(true); + + when(store.load("a")).thenReturn(ppeA); + + PrincipalPermissionEntries entries = cache.getFullyLoadedEntries(store, "a"); + assertSame(ppeA, entries); + + PrincipalPermissionEntries inspectedEntries = inspectEntries(cache, "a"); + assertSame(ppeA, inspectedEntries); + + // requesting the entries again must NOT hit the store + when(store.load("a")).thenThrow(IllegalStateException.class); + entries = cache.getFullyLoadedEntries(store, "a"); + assertSame(ppeA, entries); + } + + private static PrincipalPermissionEntries inspectEntries(@Nonnull PermissionEntryCache cache, @Nonnull String principalName) throws Exception { + Map entries = inspectEntries(cache); + return entries.get(principalName); + } + + private static Map inspectEntries(@Nonnull PermissionEntryCache cache) throws Exception { + Field f = PermissionEntryCache.class.getDeclaredField("entries"); + f.setAccessible(true); + + return (Map) f.get(cache); + } +} \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionCacheBuilderTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionCacheBuilderTest.java (revision ) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionCacheBuilderTest.java (revision ) @@ -0,0 +1,146 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import java.util.Set; + +import com.google.common.collect.ImmutableSet; +import com.google.common.collect.Sets; +import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionPattern; +import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits; +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mockito; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Matchers.anyLong; +import static org.mockito.Matchers.anyString; +import static org.mockito.Mockito.when; + +public class PermissionCacheBuilderTest { + + private static final String EMPTY_CLASS_NAME = "org.apache.jackrabbit.oak.security.authorization.permission.PermissionCacheBuilder$EmptyCache"; + private static final String SIMPLE_CLASS_NAME = "org.apache.jackrabbit.oak.security.authorization.permission.PermissionCacheBuilder$PathEntryMapCache"; + private static final String DEFAULT_CLASS_NAME = "org.apache.jackrabbit.oak.security.authorization.permission.PermissionCacheBuilder$DefaultPermissionCache"; + + private PermissionStore store; + private PermissionCacheBuilder permissionCacheBuilder; + + @Before + public void before() { + store = Mockito.mock(PermissionStore.class); + permissionCacheBuilder = new PermissionCacheBuilder(store); + } + + @Test(expected = IllegalStateException.class) + public void testBuildBeforeInitialized() { + permissionCacheBuilder.build(); + } + + @Test + public void testBuildForEmptyPrincipals() { + assertTrue(permissionCacheBuilder.init(ImmutableSet.of(), Long.MAX_VALUE).isEmpty()); + permissionCacheBuilder.init(ImmutableSet.of(), Long.MAX_VALUE); + PermissionCache cache = permissionCacheBuilder.build(); + assertEquals(EMPTY_CLASS_NAME, cache.getClass().getName()); + } + + @Test + public void testBuildNoExistingEntries() throws Exception { + when(store.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.ZERO); + when(store.load(anyString())).thenReturn(new PrincipalPermissionEntries(0)); + + Set principalNames = Sets.newHashSet("noEntries", "noEntries2", "noEntries3"); + + assertTrue(permissionCacheBuilder.init(principalNames, Long.MAX_VALUE).isEmpty()); + PermissionCache cache = permissionCacheBuilder.build(); + assertEquals(EMPTY_CLASS_NAME, cache.getClass().getName()); + } + + @Test + public void testBuildFewEntriesSamePath() throws Exception { + PrincipalPermissionEntries ppeA = new PrincipalPermissionEntries(1); + ppeA.putEntriesByPath("/path", ImmutableSet.of(new PermissionEntry("/path", false, 0, PrivilegeBits.BUILT_IN.get(PrivilegeBits.REP_READ_NODES), RestrictionPattern.EMPTY))); + + PrincipalPermissionEntries ppeB = new PrincipalPermissionEntries(1); + ppeB.putEntriesByPath("/path", ImmutableSet.of(new PermissionEntry("/path", false, 1, PrivilegeBits.BUILT_IN.get(PrivilegeBits.REP_READ_NODES), RestrictionPattern.EMPTY))); + + when(store.load("a")).thenReturn(ppeA); + when(store.load("b")).thenReturn(ppeB); + when(store.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.valueOf(1, true)); + + Set principalNames = Sets.newHashSet("a", "b"); + assertFalse(permissionCacheBuilder.init(principalNames, Long.MAX_VALUE).isEmpty()); + + PermissionCache cache = permissionCacheBuilder.build(); + assertEquals(SIMPLE_CLASS_NAME, cache.getClass().getName()); + } + + @Test + public void testBuildFewEntriesDifferentPaths() throws Exception { + PrincipalPermissionEntries ppeA = new PrincipalPermissionEntries(1); + ppeA.putEntriesByPath("/path", ImmutableSet.of(new PermissionEntry("/path", false, 0, PrivilegeBits.BUILT_IN.get(PrivilegeBits.REP_READ_NODES), RestrictionPattern.EMPTY))); + + PrincipalPermissionEntries ppeB = new PrincipalPermissionEntries(1); + ppeB.putEntriesByPath("/path", ImmutableSet.of(new PermissionEntry("/path", false, 1, PrivilegeBits.BUILT_IN.get(PrivilegeBits.REP_READ_NODES), RestrictionPattern.EMPTY))); + + when(store.load("a")).thenReturn(ppeA); + when(store.load("b")).thenReturn(ppeB); + when(store.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.valueOf(1, true)); + + Set principalNames = Sets.newHashSet("a", "b"); + assertFalse(permissionCacheBuilder.init(principalNames, Long.MAX_VALUE).isEmpty()); + + PermissionCache cache = permissionCacheBuilder.build(); + assertEquals(SIMPLE_CLASS_NAME, cache.getClass().getName()); + } + + @Test + public void testNoEntriesNonExactCnt() throws Exception { + when(store.load("a")).thenReturn(new PrincipalPermissionEntries()); + when(store.load("b")).thenReturn(new PrincipalPermissionEntries()); + when(store.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.valueOf(1, false)); + + Set principalNames = Sets.newHashSet("a", "b"); + assertFalse(permissionCacheBuilder.init(principalNames, Long.MAX_VALUE).isEmpty()); + + PermissionCache cache = permissionCacheBuilder.build(); + assertEquals(EMPTY_CLASS_NAME, cache.getClass().getName()); + } + + @Test + public void testBuildMaxEntriesReached() throws Exception { + PrincipalPermissionEntries ppeA = new PrincipalPermissionEntries(1); + ppeA.putEntriesByPath("/path1", ImmutableSet.of(new PermissionEntry("/path1", false, 0, PrivilegeBits.BUILT_IN.get(PrivilegeBits.REP_READ_NODES), RestrictionPattern.EMPTY))); + + PrincipalPermissionEntries ppeB = new PrincipalPermissionEntries(1); + ppeA.putEntriesByPath("/path2", ImmutableSet.of(new PermissionEntry("/path2", false, 0, PrivilegeBits.BUILT_IN.get(PrivilegeBits.REP_READ_NODES), RestrictionPattern.EMPTY))); + + when(store.load("a")).thenReturn(ppeA); + when(store.load("b")).thenReturn(ppeB); + when(store.getNumEntries(anyString(), anyLong())).thenReturn(NumEntries.valueOf(1, true)); + + Set principalNames = Sets.newHashSet("a", "b"); + long maxSize = 1; + assertFalse(permissionCacheBuilder.init(principalNames, maxSize).isEmpty()); + + PermissionCache cache = permissionCacheBuilder.build(); + assertEquals(DEFAULT_CLASS_NAME, cache.getClass().getName()); + } +} \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/EmptyPermissionCacheTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/EmptyPermissionCacheTest.java (revision ) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/EmptyPermissionCacheTest.java (revision ) @@ -0,0 +1,50 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import com.google.common.collect.ImmutableSet; +import org.apache.jackrabbit.oak.api.Tree; +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mockito; + +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.when; + +public class EmptyPermissionCacheTest { + + private PermissionCache empty; + + @Before + public void before() { + PermissionCacheBuilder builder = new PermissionCacheBuilder(Mockito.mock(PermissionStore.class)); + builder.init(ImmutableSet.of(), Long.MAX_VALUE); + empty = builder.build(); + } + + @Test + public void testGetEntriesByPath() { + assertTrue(empty.getEntries("/path").isEmpty()); + } + + @Test + public void testGetEntriesByTree() { + Tree tree = Mockito.mock(Tree.class); + when(tree.getPath()).thenReturn("/path"); + assertTrue(empty.getEntries(tree).isEmpty()); + } +} \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java (revision 1830726) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java (revision ) @@ -21,13 +21,13 @@ import java.util.Iterator; import java.util.List; import java.util.Set; - import javax.annotation.CheckForNull; import javax.annotation.Nonnull; import javax.jcr.RepositoryException; import javax.jcr.security.AccessControlEntry; import javax.jcr.security.AccessControlManager; +import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import com.google.common.collect.Sets; import org.apache.jackrabbit.JcrConstants; @@ -72,7 +72,7 @@ protected Principal testPrincipal; protected PrivilegeBitsProvider bitsProvider; - protected List principals = new ArrayList(); + protected List principals = new ArrayList<>(); @Override @Before @@ -418,8 +418,55 @@ } @Test + public void testNumPermissionsProperty() throws Exception { + Tree everyoneRoot = getPrincipalRoot(EveryonePrincipal.getInstance()); + Tree testRoot = getPrincipalRoot(testPrincipal); + + // initial state after setup + assertNumPermissionsProperty(1, everyoneRoot); + assertNumPermissionsProperty(1, testRoot); + + // add another acl with an entry for everyone + addACE(childPath, EveryonePrincipal.getInstance(), JCR_READ); + root.commit(); + + assertNumPermissionsProperty(2, everyoneRoot); + assertNumPermissionsProperty(1, testRoot); + + // adding another ACE at an existing ACL must not change num-permissions + AccessControlManager acMgr = getAccessControlManager(root); + JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, childPath); + acl = AccessControlUtils.getAccessControlList(acMgr, childPath); + acl.addEntry(EveryonePrincipal.getInstance(), privilegesFromNames(JCR_READ), false, ImmutableMap.of(REP_GLOB, getValueFactory(root).createValue("/*/jcr:content"))); + acMgr.setPolicy(childPath, acl); + root.commit(); + + assertNumPermissionsProperty(2, everyoneRoot); + assertNumPermissionsProperty(1, testRoot); + + // remove policy at 'testPath' + acMgr.removePolicy(testPath, AccessControlUtils.getAccessControlList(acMgr, testPath)); + root.commit(); + + assertNumPermissionsProperty(1, everyoneRoot); + assertNumPermissionsProperty(0, testRoot); + + // remove all ACEs on the childPath policy -> same effect as policy removal on permission store + acl = AccessControlUtils.getAccessControlList(acMgr, childPath); + for (AccessControlEntry entry : acl.getAccessControlEntries()) { + acl.removeAccessControlEntry(entry); + } + acMgr.setPolicy(childPath, acl); + root.commit(); + + assertNumPermissionsProperty(0, everyoneRoot); + assertNumPermissionsProperty(0, testRoot); + } + + @Test public void testCollisions() throws Exception { Tree testRoot = getPrincipalRoot(testPrincipal); + assertNumPermissionsProperty(1, testRoot); String aaPath = testPath + "/Aa"; String bbPath = testPath + "/BB"; @@ -435,6 +482,7 @@ root.commit(); assertEquals(2, testRoot.getChildrenCount(Long.MAX_VALUE)); + assertNumPermissionsProperty(3, testRoot); Set accessControlledPaths = Sets.newHashSet(testPath, aa.getPath(), bb.getPath()); assertEquals(accessControlledPaths, getAccessControlledPaths(testRoot)); @@ -443,12 +491,16 @@ root.getTree(bbPath).remove(); root.commit(); } + } else { + fail(); } + } @Test public void testCollisionRemoval() throws Exception { Tree testRoot = getPrincipalRoot(testPrincipal); + assertNumPermissionsProperty(1, testRoot); String aaPath = testPath + "/Aa"; String bbPath = testPath + "/BB"; @@ -469,12 +521,14 @@ assertTrue(testRoot.hasChild(bbPath.hashCode() + "")); assertEquals(Sets.newHashSet(testPath, bb.getPath()), getAccessControlledPaths(testRoot)); + assertNumPermissionsProperty(2, testRoot); } } @Test public void testCollisionRemoval2() throws Exception { Tree testRoot = getPrincipalRoot(testPrincipal); + assertNumPermissionsProperty(1, testRoot); String aaPath = testPath + "/Aa"; String bbPath = testPath + "/BB"; @@ -495,12 +549,14 @@ assertTrue(testRoot.hasChild(aaPath.hashCode() + "")); assertEquals(Sets.newHashSet(testPath, aa.getPath()), getAccessControlledPaths(testRoot)); + assertNumPermissionsProperty(2, testRoot); } } @Test public void testCollisionRemoval3() throws Exception { Tree testRoot = getPrincipalRoot(testPrincipal); + assertNumPermissionsProperty(1, testRoot); String aaPath = testPath + "/Aa"; String bbPath = testPath + "/BB"; @@ -523,6 +579,7 @@ assertFalse(testRoot.hasChild(bbPath.hashCode() + "")); assertEquals(Sets.newHashSet(testPath), getAccessControlledPaths(testRoot)); + assertNumPermissionsProperty(1, testRoot); } } @@ -553,6 +610,7 @@ assertEquals(2, testRoot.getChildrenCount(Long.MAX_VALUE)); assertEquals(paths, getAccessControlledPaths(testRoot)); + assertNumPermissionsProperty(paths.size(), testRoot); String toRemove = null; for (String path : paths) { @@ -573,6 +631,7 @@ assertNotEquals(toRemove, getAccessControlledPath(testRoot.getChild(name))); assertEquals(paths, getAccessControlledPaths(testRoot)); + assertNumPermissionsProperty(paths.size(), testRoot); } } @@ -654,5 +713,11 @@ PropertyState pathProp = t.getProperty(REP_ACCESS_CONTROLLED_PATH); return (pathProp == null) ? null : pathProp.getValue(Type.STRING); + } + + private static void assertNumPermissionsProperty(long expectedValue, @Nonnull Tree parent) { + PropertyState p = parent.getProperty(REP_NUM_PERMISSIONS); + assertNotNull(p); + assertEquals(expectedValue, p.getValue(Type.LONG).longValue()); } } \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/NumEntriesTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/NumEntriesTest.java (revision ) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/NumEntriesTest.java (revision ) @@ -0,0 +1,87 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import org.junit.Test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotEquals; +import static org.junit.Assert.assertNotSame; +import static org.junit.Assert.assertSame; +import static org.junit.Assert.assertTrue; + +public class NumEntriesTest { + + @Test + public void testZero() { + assertTrue(NumEntries.ZERO.isExact); + assertEquals(0, NumEntries.ZERO.size); + } + + @Test + public void testValueOfExactZero() { + assertSame(NumEntries.ZERO, NumEntries.valueOf(0, true)); + } + + @Test + public void testValueOfNotExactZero() { + NumEntries ne = NumEntries.valueOf(0, false); + assertNotSame(NumEntries.ZERO, ne); + assertFalse(ne.isExact); + assertEquals(0, ne.size); + } + + @Test + public void testValueOfExact() { + NumEntries ne = NumEntries.valueOf(25, true); + assertTrue(ne.isExact); + assertEquals(25, ne.size); + } + + @Test + public void testValueOfNotExact() { + NumEntries ne = NumEntries.valueOf(25, false); + assertFalse(ne.isExact); + assertEquals(25, ne.size); + } + + @Test + public void testEquals() { + assertEquals(NumEntries.ZERO, NumEntries.ZERO); + NumEntries ne1True = NumEntries.valueOf(1, true); + NumEntries ne2True = NumEntries.valueOf(2, true); + NumEntries ne1False = NumEntries.valueOf(1, false); + + assertEquals(ne1True, ne1True); + assertNotEquals(ne1False, ne1True); + assertNotEquals(ne2True, ne1True); + + assertFalse(ne1True.equals(null)); + assertFalse(ne1True.equals(new Object())); + } + + @Test + public void testHashCode() { + assertEquals(NumEntries.ZERO.hashCode(), NumEntries.ZERO.hashCode()); + NumEntries ne1True = NumEntries.valueOf(1, true); + NumEntries ne1False = NumEntries.valueOf(1, false); + + assertEquals(ne1True.hashCode(), ne1True.hashCode()); + assertNotEquals(ne1False.hashCode(), ne1True.hashCode()); + } +} \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreImplTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreImplTest.java (revision ) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreImplTest.java (revision ) @@ -0,0 +1,193 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.security.authorization.permission; + +import java.lang.reflect.Method; +import java.security.Principal; +import java.util.Collection; +import javax.annotation.CheckForNull; +import javax.annotation.Nonnull; +import javax.jcr.RepositoryException; +import javax.jcr.security.AccessControlManager; + +import org.apache.jackrabbit.JcrConstants; +import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; +import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils; +import org.apache.jackrabbit.oak.AbstractSecurityTest; +import org.apache.jackrabbit.oak.api.Tree; +import org.apache.jackrabbit.oak.plugins.tree.TreeUtil; +import org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration; +import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants; +import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal; +import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants; +import org.apache.jackrabbit.oak.util.NodeUtil; +import org.junit.After; +import org.junit.Before; +import org.junit.Test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; + +public class PermissionStoreImplTest extends AbstractSecurityTest implements PermissionConstants { + + private PermissionStoreImpl permissionStore; + + private Principal testPrincipal; + + private String testPath = "/testPath"; + private String childPath = "/testPath/childNode"; + + @Before + public void before() throws Exception { + super.before(); + testPrincipal = getTestUser().getPrincipal(); + + NodeUtil rootNode = new NodeUtil(root.getTree("/"), namePathMapper); + NodeUtil testNode = rootNode.addChild("testPath", JcrConstants.NT_UNSTRUCTURED); + testNode.addChild("childNode", JcrConstants.NT_UNSTRUCTURED); + + addAcl(testPath, EveryonePrincipal.getInstance()); + addAcl(childPath, EveryonePrincipal.getInstance()); + root.commit(); + + permissionStore = new PermissionStoreImpl(root, root.getContentSession().getWorkspaceName(), getConfig(AuthorizationConfiguration.class).getRestrictionProvider()); + } + + private void addAcl(@Nonnull String path, @Nonnull Principal principal) throws RepositoryException { + AccessControlManager acMgr = getAccessControlManager(root); + JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, path); + acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.JCR_READ)); + acMgr.setPolicy(path, acl); + } + + @After + public void after() throws Exception { + try { + AccessControlManager acMgr = getAccessControlManager(root); + JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath); + acMgr.removePolicy(testPath, acl); + root.commit(); + } finally { + super.after(); + } + } + + @Test + public void testLoad() { + PrincipalPermissionEntries entries = permissionStore.load(EveryonePrincipal.NAME); + assertNotNull(entries); + assertTrue(entries.isFullyLoaded()); + assertEquals(2, entries.getSize()); + } + + @Test + public void testLoadMissingPrincipalRoot() { + PrincipalPermissionEntries entries = permissionStore.load(testPrincipal.getName()); + assertNotNull(entries); + assertTrue(entries.isFullyLoaded()); + assertEquals(0, entries.getSize()); + } + + @Test + public void testLoadWithNesting() throws Exception { + try { + Tree everyoneTree = getPermissionRoot(EveryonePrincipal.NAME); + everyoneTree.removeProperty(REP_NUM_PERMISSIONS); + for (Tree child : everyoneTree.getChildren()) { + if (child.hasProperty(REP_ACCESS_CONTROLLED_PATH)) { + String name = child.getName(); + Tree collision = TreeUtil.addChild(child, "c_"+child.getName(), NT_REP_PERMISSION_STORE); + collision.setProperty(REP_ACCESS_CONTROLLED_PATH, "/another/path"); + Tree entry = TreeUtil.addChild(collision, "1", NT_REP_PERMISSIONS); + entry.setProperty(REP_PRIVILEGE_BITS, PermissionStore.DYNAMIC_ALL_BITS); + entry.setProperty(REP_IS_ALLOW, false); + break; + } + } + + PrincipalPermissionEntries entries = permissionStore.load(EveryonePrincipal.NAME); + assertNotNull(entries); + assertTrue(entries.isFullyLoaded()); + assertEquals(3, entries.getSize()); + } finally { + root.refresh(); + } + } + + @Test + public void testLoadByPath() { + Collection entries = permissionStore.load(EveryonePrincipal.NAME, testPath); + assertNotNull(entries); + assertFalse(entries.isEmpty()); + } + + @Test + public void testLoadByPathWithoutEntries() { + assertNull(permissionStore.load(EveryonePrincipal.NAME, testPath + "/notAccessControlled")); + } + + @Test + public void testLoadByPathMissingPrincipalRoot() { + assertNull(permissionStore.load(testPrincipal.getName(), testPath)); + } + + @Test + public void testGetNumEntries() { + assertEquals(NumEntries.valueOf(2, true), permissionStore.getNumEntries(EveryonePrincipal.NAME, Long.MAX_VALUE)); + } + + @Test + public void testGetNumEntriesMissingPrincipalRoot() { + assertEquals(NumEntries.valueOf(0, true), permissionStore.getNumEntries(testPrincipal.getName(), Long.MAX_VALUE)); + } + + @Test + public void testGetNumEntriesMissingProperty() throws Exception { + try { + Tree everyoneTree = getPermissionRoot(EveryonePrincipal.NAME); + everyoneTree.removeProperty(REP_NUM_PERMISSIONS); + + assertEquals(NumEntries.valueOf(2, false), permissionStore.getNumEntries(EveryonePrincipal.NAME, Long.MAX_VALUE)); + } finally { + root.refresh(); + } + } + + @Test + public void testGetNumEntriesMissingPropertyThreshold() throws Exception { + try { + Tree everyoneTree = getPermissionRoot(EveryonePrincipal.NAME); + everyoneTree.removeProperty(REP_NUM_PERMISSIONS); + + long max = 1; + assertEquals(NumEntries.valueOf(everyoneTree.getChildrenCount(max), false), permissionStore.getNumEntries(EveryonePrincipal.NAME, max)); + } finally { + root.refresh(); + } + } + + @CheckForNull + private Tree getPermissionRoot(@Nonnull String principalName) throws Exception { + Method m = PermissionStoreImpl.class.getDeclaredMethod("getPrincipalRoot", String.class); + m.setAccessible(true); + + return (Tree) m.invoke(permissionStore, principalName); + } +} \ No newline at end of file Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImplTest.java IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImplTest.java (revision 1830726) +++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImplTest.java (revision ) @@ -19,14 +19,11 @@ import java.lang.reflect.Field; import java.util.Collection; import java.util.Collections; -import java.util.Map; import java.util.Set; - import javax.annotation.Nonnull; import com.google.common.collect.ImmutableSet; import com.google.common.collect.Sets; - import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; import org.junit.Test; @@ -34,9 +31,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotSame; -import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; public class PermissionEntryProviderImplTest { @@ -50,7 +45,6 @@ @Test public void testInitLongOverflow() throws Exception { MockPermissionStore store = new MockPermissionStore(); - PermissionEntryCache cache = new MockPermissionEntryCache(); Set principalNames = ImmutableSet.of(GROUP_LONG_MAX); /* @@ -60,7 +54,7 @@ return Long.MAX_VALUE the cache should not be filled (-> the mock-cache implementation will fail. */ - PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, cache, principalNames, ConfigurationParameters.EMPTY); + PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, principalNames, ConfigurationParameters.EMPTY); Field existingNamesField = provider.getClass().getDeclaredField("existingNames"); existingNamesField.setAccessible(true); @@ -76,7 +70,6 @@ @Test public void testInitLongOverflow2() throws Exception { MockPermissionStore store = new MockPermissionStore(); - PermissionEntryCache cache = new MockPermissionEntryCache(); Set principalNames = ImmutableSet.of(GROUP_LONG_MAX_MINUS_10, GROUP_50); /* @@ -86,7 +79,7 @@ entries must deal with the fact that the counter may become bigger that Long.MAX_VALUE */ - PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, cache, principalNames, ConfigurationParameters.EMPTY); + PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, principalNames, ConfigurationParameters.EMPTY); Set existingNames = getExistingNames(provider); assertEquals(principalNames, existingNames); @@ -99,14 +92,13 @@ @Test public void testExistingNamesAndLongOverFlow() throws Exception { MockPermissionStore store = new MockPermissionStore(); - PermissionEntryCache cache = new MockPermissionEntryCache(); Set principalNames = Sets.newHashSet(GROUP_LONG_MAX_MINUS_10, GROUP_50, "noEntries"); /* same as before but principal-set contains a name for which not entries exist -> the 'existingNames' set must properly reflect that */ - PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, cache, principalNames, ConfigurationParameters.EMPTY); + PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, principalNames, ConfigurationParameters.EMPTY); Set existingNames = getExistingNames(provider); assertFalse(principalNames.equals(existingNames)); @@ -119,17 +111,12 @@ @Test public void testNoExistingName() throws Exception { MockPermissionStore store = new MockPermissionStore(); - PermissionEntryCache cache = new MockPermissionEntryCache(); Set principalNames = Sets.newHashSet("noEntries", "noEntries2", "noEntries3"); - PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, cache, principalNames, ConfigurationParameters.EMPTY); + PermissionEntryProviderImpl provider = new PermissionEntryProviderImpl(store, principalNames, ConfigurationParameters.EMPTY); Set existingNames = getExistingNames(provider); assertTrue(existingNames.isEmpty()); - - Field pathMapField = provider.getClass().getDeclaredField("pathEntryMap"); - pathMapField.setAccessible(true); - assertNull(pathMapField.get(provider)); } /** @@ -152,7 +139,7 @@ @Override public Collection load( - Collection entries, @Nonnull String principalName, + @Nonnull String principalName, @Nonnull String path) { return null; } @@ -163,30 +150,25 @@ return new PrincipalPermissionEntries(); } + @Nonnull @Override - public long getNumEntries(@Nonnull String principalName, long max) { + public NumEntries getNumEntries(@Nonnull String principalName, long max) { long cnt = 0; - if (GROUP_LONG_MAX_MINUS_10.equals(principalName)) { + switch (principalName) { + case GROUP_LONG_MAX_MINUS_10: - cnt = Long.MAX_VALUE - 10; + cnt = Long.MAX_VALUE - 10; - } else if (GROUP_50.equals(principalName)) { + break; + case GROUP_50: - cnt = 50; + cnt = 50; - } else if (GROUP_LONG_MAX.equals(principalName)) { + break; + case GROUP_LONG_MAX: - cnt = Long.MAX_VALUE; + cnt = Long.MAX_VALUE; + break; } - return cnt; + return NumEntries.valueOf(cnt, true); } public void flush(@Nonnull Root root) { - } - - } - - private class MockPermissionEntryCache extends PermissionEntryCache { - @Override - public void load(@Nonnull PermissionStore store, - @Nonnull Map> pathEntryMap, - @Nonnull String principalName) { - fail("The number of entries exceeds the max cache size"); } } }