private static void assertCyclicMembershipError(Exception e) { Throwable th = e.getCause(); if (th != null) { assertTrue(th instanceof CommitFailedException); CommitFailedException ce = (CommitFailedException) th; assertEquals(CommitFailedException.CONSTRAINT, ce.getType()); assertEquals(31, ce.getCode()); } }
private static void assertCyclicCommitFailed(RepositoryException e) { Throwable th = e.getCause(); if (th != null) { assertTrue(th instanceof CommitFailedException); assertEquals(31, ((CommitFailedException) th).getCode()); } }
@Test public void testManuallyModifyExpirationDate() throws Exception { TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); NodeUtil tokenTree = new NodeUtil(getTokenTree(info)); try { tokenTree.setDate(TOKEN_ATTRIBUTE_EXPIRY, new Date().getTime()); root.commit(); fail("The token expiry must not manually be changed"); } catch (CommitFailedException e) { assertEquals(63, e.getCode()); } }
@Test public void testPropertyDeleted() throws Exception { try { PropertyState before = PropertyStates.createProperty(REP_AGGREGATES, ImmutableList.of(REP_READ_NODES, REP_READ_PROPERTIES), Type.NAMES); PrivilegeValidator validator = new PrivilegeValidator(root, root, getTreeProvider()); validator.propertyDeleted(before); fail("removing property from privilege store must fail."); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertEquals(46, e.getCode()); } }
@Test public void testPropertyChanged() throws Exception { try { PropertyState before = PropertyStates.createProperty(REP_AGGREGATES, ImmutableList.of(REP_READ_NODES, REP_READ_PROPERTIES), Type.NAMES); PropertyState after = PropertyStates.createProperty(REP_AGGREGATES, ImmutableList.of(REP_READ_NODES), Type.NAMES); PrivilegeValidator validator = new PrivilegeValidator(root, root, getTreeProvider()); validator.propertyChanged(before, after); fail("modifying property in privilege store must fail."); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertEquals(45, e.getCode()); } }
@Test public void testChildNodeDeleted() { try { root.getTree(PRIVILEGES_PATH).getChild(JCR_READ).remove(); root.commit(); fail("removing privilege from privilege store must fail."); } catch (CommitFailedException e) { // success assertTrue(e.isConstraintViolation()); assertEquals(42, e.getCode()); } }
@Test public void testPlaintextTokenKey() throws Exception { TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); NodeUtil tokenTree = new NodeUtil(getTokenTree(info)); try { tokenTree.setString(TOKEN_ATTRIBUTE_KEY, "anotherValue"); root.commit(CommitMarker.asCommitAttributes()); fail("The token key must not be plaintext."); } catch (CommitFailedException e) { assertEquals(66, e.getCode()); } }
@Test public void testChangeTokenParentPrimaryType() throws Exception { TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); try { Tree tokensTree = getTokenTree(info).getParent(); tokensTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, JcrConstants.NT_UNSTRUCTURED, Type.NAME); root.commit(); fail("The primary type of the token parent must not be changed from rep:Unstructured to another type."); } catch (CommitFailedException e) { assertEquals(69, e.getCode()); } finally { root.refresh(); } }
@Test public void testPrivBitsMissing() { try { NodeState newDef = new MemoryNodeBuilder(EmptyNodeState.EMPTY_NODE) .setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PRIVILEGE) .getNodeState(); PrivilegeValidator validator = createPrivilegeValidator(); validator.childNodeAdded("test", newDef); fail("missing priv bits must be detected."); } catch (CommitFailedException e) { assertTrue(e.isConstraintViolation()); assertEquals(48, e.getCode()); } }
@Test public void testChangingTokenKey() throws Exception { TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); NodeUtil tokenTree = new NodeUtil(getTokenTree(info)); try { tokenTree.setString(TOKEN_ATTRIBUTE_KEY, PasswordUtil.buildPasswordHash("anotherValue")); root.commit(CommitMarker.asCommitAttributes()); fail("The token key must never be modified."); } catch (CommitFailedException e) { assertEquals(61, e.getCode()); } }
@Test public void testRemoveExternalPrincipalNames() throws Exception { Tree userTree = root.getTree(externalUserPath); try { userTree.removeProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES); root.commit(); fail("Removing rep:externalPrincipalNames must be detected."); } catch (CommitFailedException e) { // success assertEquals(70, e.getCode()); } finally { root.refresh(); } }
@Override @Test public void testRemoveRepExternalId() { try { root.getTree(externalUserPath).removeProperty(ExternalIdentityConstants.REP_EXTERNAL_ID); root.commit(); fail("Removal of rep:externalId must be detected in the default setup."); } catch (CommitFailedException e) { // success: verify nature of the exception assertTrue(e.isConstraintViolation()); assertEquals(74, e.getCode()); } }
@Test public void testAddRepExternalId() throws Exception { try { root.getTree(testUserPath).setProperty(ExternalIdentityConstants.REP_EXTERNAL_ID, "id"); root.commit(); fail("Adding rep:externalId must be detected in the default setup."); } catch (CommitFailedException e) { // success: verify nature of the exception assertTrue(e.isConstraintViolation()); assertEquals(74, e.getCode()); } }
@Test public void testRemoveRepExternalId() { try { root.getTree(externalUserPath).removeProperty(ExternalIdentityConstants.REP_EXTERNAL_ID); root.commit(); fail("Removal of rep:externalId must be detected in the default setup."); } catch (CommitFailedException e) { // success: verify nature of the exception assertTrue(e.isConstraintViolation()); assertEquals(73, e.getCode()); } }
@Test public void testModifyRepExternalId() throws Exception { try { root.getTree(externalUserPath).setProperty(ExternalIdentityConstants.REP_EXTERNAL_ID, "anotherValue"); root.commit(); fail("Modification of rep:externalId must be detected in the default setup."); } catch (CommitFailedException e) { // success: verify nature of the exception assertTrue(e.isConstraintViolation()); assertEquals(74, e.getCode()); } }
@Test public void testAddExternalPrincipalNamesAsSystemMissingExternalId() throws Exception { Root systemRoot = getSystemRoot(); try { NodeUtil n = new NodeUtil(systemRoot.getTree(testUserPath)); n.setStrings(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES, "principalName"); systemRoot.commit(); fail("Creating rep:externalPrincipalNames without rep:externalId must be detected."); } catch (CommitFailedException e) { // success assertEquals(72, e.getCode()); } finally { systemRoot.refresh(); } }
@Test public void testRemoveRepExternalIdAsSystem() throws Exception { Root systemRoot = getSystemRoot(); try { NodeUtil n = new NodeUtil(systemRoot.getTree(externalUserPath)); n.removeProperty(ExternalIdentityConstants.REP_EXTERNAL_ID); systemRoot.commit(); fail("Removing rep:externalId is not allowed if rep:externalPrincipalNames is present."); } catch (CommitFailedException e) { // success assertEquals(73, e.getCode()); } finally { systemRoot.refresh(); } }
@Test public void testChangePrimaryType() { node = new NodeUtil(root.getTree(SUPPORTED_PATH2)); try { node.setName(JcrConstants.JCR_PRIMARYTYPE, NT_REP_CUG_POLICY); node.setStrings(REP_PRINCIPAL_NAMES, EveryonePrincipal.NAME); root.commit(); fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessControlViolation()); assertEquals(20, e.getCode()); } }
@Test public void testNestedCache() throws Exception { NodeUtil cache = new NodeUtil(getCache(getTestUser())); try { NodeUtil c = cache.getOrAddChild(CacheConstants.REP_CACHE, CacheConstants.NT_REP_CACHE); c.setLong(CacheConstants.REP_EXPIRATION, 223); root.commit(CacheValidatorProvider.asCommitAttributes()); fail("Creating nested cache must fail."); } catch (CommitFailedException e) { assertTrue(e.isConstraintViolation()); assertEquals(34, e.getCode()); } finally { root.refresh(); } }
@Test public void testCreateCacheBelowPersistedProfile() throws Exception { try { NodeUtil node = new NodeUtil(getAuthorizableTree(getTestUser())); NodeUtil child = node.addChild("profile", NodeTypeConstants.NT_OAK_UNSTRUCTURED); root.commit(); child.addChild(CacheConstants.REP_CACHE, CacheConstants.NT_REP_CACHE).setLong(CacheConstants.REP_EXPIRATION, 23); root.commit(CacheValidatorProvider.asCommitAttributes()); fail("Creating rep:cache node below a user or group must fail."); } catch (CommitFailedException e) { assertTrue(e.isConstraintViolation()); assertEquals(34, e.getCode()); } finally { root.refresh(); } }