From 2055088a2ce581d1e08e76cb4442fda10092fecf Mon Sep 17 00:00:00 2001 From: Elmira Zhernova Date: Wed, 10 Apr 2019 11:56:44 +0300 Subject: [PATCH] =?UTF-8?q?issue=20#=207=C2=A0=20fix=20to=20be=20able=20to?= =?UTF-8?q?=20test=20system-users.=20Requires=20OSGI=20config=20with=20ser?= =?UTF-8?q?vice=20mapping=20for=20bundle=20'biz.netcentric.aem.tools.acces?= =?UTF-8?q?scontrolvalidator.bundle'=20Service=20name=20in=20this=20config?= =?UTF-8?q?=20should=20be=20equal=20to=20system=20user=20id.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tools/acvalidator/model/AcTestSet.java | 41 +++++++++++-------- .../ServiceResourceResolverService.java | 5 ++- .../ServiceResourceResolverServiceImpl.java | 7 ++++ 3 files changed, 36 insertions(+), 17 deletions(-) diff --git a/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/model/AcTestSet.java b/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/model/AcTestSet.java index 9128bca..520ada8 100644 --- a/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/model/AcTestSet.java +++ b/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/model/AcTestSet.java @@ -13,7 +13,7 @@ import javax.jcr.RepositoryException; -import org.apache.jackrabbit.api.security.user.AuthorizableExistsException; +import org.apache.jackrabbit.api.security.user.Authorizable; import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.api.security.user.UserManager; @@ -34,7 +34,7 @@ * */ public class AcTestSet { - + private final Logger LOG = LoggerFactory.getLogger(AcTestSet.class); @@ -48,7 +48,7 @@ public class AcTestSet { /** * Constructor - * + * * @param authorizableID user/group id */ public AcTestSet(String authorizableID, String pathToTestfile) { @@ -59,14 +59,14 @@ public AcTestSet(String authorizableID, String pathToTestfile) { public void addAcTestCase(Testable testable){ this.acTestCase.add(testable); } - + public String getAuthorizableID(){ return this.authorizableID; } /** * creates the needed testuser and resolver needed for the testcases, executes the tests and cleans up afterwards - * @param serviceResourceResolverService + * @param serviceResourceResolverService * @return * @throws RepositoryException * @throws LoginException @@ -74,41 +74,50 @@ public String getAuthorizableID(){ public List isOk(ServiceResourceResolverService serviceResourceResolverService) throws RepositoryException, LoginException { List resultList = new ArrayList<>(); User testuser = null; - Group testGroup = null; + Authorizable authorizableToTest = null; ResourceResolver serviceResourcerResolver = null; ResourceResolver testUserResolver = null; try { - // create authorizables + // create authorizables serviceResourcerResolver = serviceResourceResolverService.getServiceResourceResolver(); UserManager userManager = getUserManager(serviceResourcerResolver); + boolean isSystemUser = !userManager.getAuthorizable(authorizableID).isGroup(); + + if (isSystemUser) { + testUserResolver = serviceResourceResolverService.getServiceResourceResolver(authorizableID); + authorizableToTest = userManager.getAuthorizable(authorizableID); + + } else { + testuser = userManager.createUser(ACVALIDATOR_TESTUSER_ID, ACVALIDATOR_TESTUSER_PASSWORD); - testGroup = getTestGroup(getUserManager(serviceResourcerResolver), authorizableID, testuser); + authorizableToTest = getTestGroup(getUserManager(serviceResourcerResolver), authorizableID, testuser); - // we need to persist the created testuser in order to be able to get a resolver for him + // we need to persist the created testuser in order to be able to get a resolver for him serviceResourcerResolver.commit(); LOG.debug("comitting serviceResourcerResolver to persist testuser"); // create ResourceResolver for the testuser based on his permissions testUserResolver = serviceResourceResolverService.getTestUserResourceResolver(ACVALIDATOR_TESTUSER_ID, ACVALIDATOR_TESTUSER_PASSWORD); + } // execute all testcases for the testuser for(Testable testable: acTestCase){ - resultList.add(testable.isOk(serviceResourcerResolver, testUserResolver, testGroup)); + resultList.add(testable.isOk(serviceResourcerResolver, testUserResolver, authorizableToTest)); } } catch (PersistenceException e) { throw new RepositoryException(e); - }finally{ + } finally { // clean up temporary testuser - if(testGroup != null && testuser != null){ - testGroup.removeMember(testuser); + if(authorizableToTest != null && authorizableToTest instanceof Group && testuser != null){ + ((Group)authorizableToTest).removeMember(testuser); } if(testuser != null){ testuser.remove(); } - + // close resolvers - + if(testUserResolver != null){ testUserResolver.revert(); testUserResolver.close(); @@ -128,7 +137,7 @@ public List isOk(ServiceResourceResolverService serviceResourceResol return resultList; } - private Group getTestGroup(UserManager userManager, String authorizableID, User testuser) throws AuthorizableExistsException, RepositoryException{ + private Group getTestGroup(UserManager userManager, String authorizableID, User testuser) throws RepositoryException{ Group group = (Group) userManager.getAuthorizable(authorizableID); group.addMember(testuser); return group; diff --git a/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverService.java b/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverService.java index 741f4ca..543f3b1 100644 --- a/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverService.java +++ b/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverService.java @@ -29,7 +29,10 @@ public interface ServiceResourceResolverService { * @throws LoginException error getting resource resolver */ ResourceResolver getServiceResourceResolver() throws LoginException; - + + ResourceResolver getServiceResourceResolver(String authorizableID) throws LoginException; + + Session getUserSession(SimpleCredentials credentials) throws javax.jcr.LoginException, RepositoryException; diff --git a/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverServiceImpl.java b/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverServiceImpl.java index b9a1475..b7f668f 100644 --- a/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverServiceImpl.java +++ b/accesscontrolvalidator-bundle/src/main/java/biz/netcentric/aem/tools/acvalidator/serviceuser/ServiceResourceResolverServiceImpl.java @@ -46,6 +46,13 @@ public ResourceResolver getServiceResourceResolver() throws LoginException { return resourceResolverFactory.getServiceResourceResolver(authenticationInfo); } + @Override + public ResourceResolver getServiceResourceResolver(String authorizableID) throws LoginException { + final Map authenticationInfo = new HashMap<>(); + authenticationInfo.put(ResourceResolverFactory.SUBSERVICE, authorizableID); + return resourceResolverFactory.getServiceResourceResolver(authenticationInfo); + } + @Override public Session getUserSession(SimpleCredentials credentials) throws javax.jcr.LoginException, RepositoryException { javax.jcr.Session session = repository.login(credentials);