Example 1 with ParentEntryEvictedException
use of org.xwiki.security.authorization.cache.ParentEntryEvictedException in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method testAddSecurityAccessEntry.
@Test
public void testAddSecurityAccessEntry() throws Exception {
InsertUsers();
InsertEntities();
final List<SecurityAccessEntry> allEntries = new ArrayList<SecurityAccessEntry>();
// Insert and check insertion individually for simple users
for (UserSecurityReference user : userRefs) {
for (SecurityReference ref : entityRefs) {
assertThat(securityCache.get(user, ref), is(nullValue()));
SecurityAccessEntry entry = mockSecurityAccessEntry(ref, user);
if (AddAccessEntry(entry) != null) {
assertThat(securityCache.get(user, ref), sameInstance(entry));
allEntries.add(entry);
}
}
}
// Insert and check insertion individually for group users
for (UserSecurityReference user : groupUserRefs) {
for (SecurityReference ref : entityRefs) {
assertThat(securityCache.get(user, ref), is(nullValue()));
SecurityAccessEntry entry = mockSecurityAccessEntry(ref, user);
if (AddAccessEntry(entry) != null) {
assertThat(securityCache.get(user, ref), sameInstance(entry));
allEntries.add(entry);
}
}
}
// Check all insertions
for (SecurityAccessEntry entry : allEntries) {
assertThat(securityCache.get(entry.getUserReference(), entry.getReference()), sameInstance(entry));
}
// Check a non-conflicting duplicate insertion
try {
AddAccessEntry(allEntries.get(0));
} catch (ConflictingInsertionException e) {
fail("Inserting the same access entry twice should NOT throw a ConflictingInsertionException.");
}
// Check a conflicting duplicate insertion
try {
final SecurityReference ref = allEntries.get(0).getReference();
final UserSecurityReference user = allEntries.get(0).getUserReference();
SecurityAccessEntry entry = mock(SecurityAccessEntry.class, "Another access for " + allEntries.get(0).getUserReference().toString() + " on " + allEntries.get(0).getReference().toString());
when(entry.getUserReference()).thenReturn(user);
when(entry.getReference()).thenReturn(ref);
AddAccessEntry(entry);
fail("Inserting a different access entry for the same reference should throw" + " a ConflictingInsertionException.");
} catch (ConflictingInsertionException ignore) {
// Expected.
}
// Check insertion of entries without inserting either the entity or the user first
try {
AddAccessEntry(mockSecurityAccessEntry(aMissingEntityRef, xuserRef));
fail("Inserting a access entry without inserting its entity first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
try {
AddAccessEntry(mockSecurityAccessEntry(xdocRef, aMissingUserRef));
fail("Inserting a access entry without inserting its user first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
}
Also used :
SecurityAccessEntry(org.xwiki.security.authorization.SecurityAccessEntry)
ArrayList(java.util.ArrayList)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
Test(org.junit.Test)
Example 2 with ParentEntryEvictedException
use of org.xwiki.security.authorization.cache.ParentEntryEvictedException in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method testAddSecurityShadowEntry.
@Test
public void testAddSecurityShadowEntry() throws Exception {
InsertUsersWithouShadow();
final List<SecurityShadowEntry> allEntries = new ArrayList<SecurityShadowEntry>();
// Check inserting shadow users
for (UserSecurityReference ref : userRefs) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
assertThat(((DefaultSecurityCache) securityCache).get(AddUserEntry(entry)), sameInstance((SecurityEntry) entry));
allEntries.add(entry);
}
}
}
// Check inserting some shadow groups
for (GroupSecurityReference ref : groupRefs.keySet()) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
assertThat(((DefaultSecurityCache) securityCache).get(AddUserEntry(entry)), sameInstance((SecurityEntry) entry));
allEntries.add(entry);
}
}
}
// Check inserting shadow users in shadow groups
for (UserSecurityReference ref : groupUserRefs) {
if (ref.isGlobal()) {
for (SecurityReference wiki : Arrays.asList(wikiRef, anotherWikiRef)) {
SecurityShadowEntry entry = mockSecurityShadowEntry(ref, wiki);
assertThat(((DefaultSecurityCache) securityCache).get(AddUserEntry(entry)), sameInstance((SecurityEntry) entry));
allEntries.add(entry);
}
}
}
// Check a duplicate insertion
try {
AddUserEntry(allEntries.get(0));
} catch (ConflictingInsertionException e) {
fail("Inserting the same shadow entry twice should NOT throw a ConflictingInsertionException.");
}
// Check inserting a shadow for a missing user in an existing wiki
try {
AddUserEntry(mockSecurityShadowEntry(aMissingUserRef, wikiRef));
fail("Inserting a shadow entry without inserting its global user first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
// Check inserting a shadow for a existing user in a missing wiki
try {
AddUserEntry(mockSecurityShadowEntry(xuserRef, aMissingWikiRef));
fail("Inserting a shadow entry without inserting its wiki first should throw" + " a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
}
Also used :
SecurityEntry(org.xwiki.security.authorization.SecurityEntry)
ArrayList(java.util.ArrayList)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
SecurityShadowEntry(org.xwiki.security.authorization.cache.SecurityShadowEntry)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
Test(org.junit.Test)
Example 3 with ParentEntryEvictedException
use of org.xwiki.security.authorization.cache.ParentEntryEvictedException in project xwiki-platform by xwiki.
the class DefaultSecurityCacheLoader method load.
@Override
public SecurityAccessEntry load(UserSecurityReference user, SecurityReference entity) throws AuthorizationException {
int retries = 0;
Exception lastException;
while (true) {
rulesInvalidator.suspend();
try {
retries++;
return loadRequiredEntries(user, entity);
} catch (ParentEntryEvictedException e) {
lastException = e;
if (retries < MAX_RETRIES) {
this.logger.debug("The parent entry was evicted. Have tried {} times. Trying again...", retries);
continue;
}
} catch (ConflictingInsertionException e) {
lastException = e;
if (retries < MAX_RETRIES) {
this.logger.debug("There were conflicting insertions. Have tried {} times. Retrying...", retries);
continue;
}
} finally {
rulesInvalidator.resume();
}
String message = String.format("Failed to load the cache in %d attempts. Giving up.", retries);
this.logger.error(message);
throw new AuthorizationException(user.getOriginalDocumentReference(), entity.getOriginalReference(), message, lastException);
}
}
Also used :
AuthorizationException(org.xwiki.security.authorization.AuthorizationException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
AuthorizationException(org.xwiki.security.authorization.AuthorizationException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
Example 4 with ParentEntryEvictedException
use of org.xwiki.security.authorization.cache.ParentEntryEvictedException in project xwiki-platform by xwiki.
the class DefaultSecurityCacheTest method testAddSecurityRuleEntry.
@Test
public void testAddSecurityRuleEntry() throws Exception {
final List<SecurityRuleEntry> ruleEntries = new ArrayList<SecurityRuleEntry>();
// Insert and check insertion individually
for (SecurityReference ref : entityRefs) {
assertThat(securityCache.get(ref), is(nullValue()));
SecurityRuleEntry entry = mockSecurityRuleEntry(ref);
AddRuleEntry(entry);
assertThat(securityCache.get(ref), sameInstance(entry));
ruleEntries.add(entry);
}
// XWiki spaces are required to load user entries
for (SecurityReference ref : xwikiSpaceRefs) {
SecurityRuleEntry entry = mockSecurityRuleEntry(ref);
AddRuleEntry(entry);
assertThat(securityCache.get(ref), sameInstance(entry));
ruleEntries.add(entry);
}
// Check inserting users
for (SecurityReference ref : userRefs) {
SecurityRuleEntry entry = mockSecurityRuleEntry(ref);
AddRuleEntry(entry);
assertThat(securityCache.get(ref), sameInstance(entry));
ruleEntries.add(entry);
}
// Insert some groups
for (SecurityReference ref : groupRefs.keySet()) {
SecurityRuleEntry entry = mockSecurityRuleEntry(ref);
AddRuleEntry(entry);
assertThat(securityCache.get(ref), sameInstance(entry));
ruleEntries.add(entry);
}
// Check inserting users in groups
for (SecurityReference ref : groupUserRefs) {
SecurityRuleEntry entry = mockSecurityRuleEntry(ref);
AddRuleEntry(entry);
assertThat(securityCache.get(ref), sameInstance(entry));
ruleEntries.add(entry);
}
// Check all insertions
for (SecurityRuleEntry entry : ruleEntries) {
assertThat(securityCache.get(entry.getReference()), sameInstance(entry));
}
// Check a non-conflicting duplicate insertion
try {
AddRuleEntry(ruleEntries.get(0));
} catch (ConflictingInsertionException e) {
fail("Inserting the same rule entry twice should NOT throw a ConflictingInsertionException.");
}
// Check a conflicting duplicate insertion
try {
final SecurityReference ref = ruleEntries.get(0).getReference();
SecurityRuleEntry entry = mock(SecurityRuleEntry.class, "Another entry for " + ruleEntries.get(0).getReference().toString());
when(entry.getReference()).thenReturn(ref);
AddRuleEntry(entry);
fail("Inserting a different rule entry for the same reference should throw" + " a ConflictingInsertionException.");
} catch (ConflictingInsertionException ignore) {
// Expected.
}
// Check an insertion of an entry without inserting all its parents first
try {
AddRuleEntry(mockSecurityRuleEntry(aMissingParentRef));
fail("Inserting a rule entry without its parents should throw a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
// Check an insertion of a user without inserting all its groups first
try {
AddUserEntry(mockSecurityRuleEntry(aMissingUserRef), Arrays.asList(groupRef, aMissingGroupRef));
fail("Inserting a user entry without its parents should throw a ParentEntryEvictedException.");
} catch (ParentEntryEvictedException ignore) {
// Expected.
}
}
Also used :
SecurityRuleEntry(org.xwiki.security.authorization.SecurityRuleEntry)
ArrayList(java.util.ArrayList)
GroupSecurityReference(org.xwiki.security.GroupSecurityReference)
SecurityReference(org.xwiki.security.SecurityReference)
UserSecurityReference(org.xwiki.security.UserSecurityReference)
ConflictingInsertionException(org.xwiki.security.authorization.cache.ConflictingInsertionException)
ParentEntryEvictedException(org.xwiki.security.authorization.cache.ParentEntryEvictedException)
Test(org.junit.Test)
Aggregations
ConflictingInsertionException (org.xwiki.security.authorization.cache.ConflictingInsertionException)4
ParentEntryEvictedException (org.xwiki.security.authorization.cache.ParentEntryEvictedException)4
ArrayList (java.util.ArrayList)3
Test (org.junit.Test)3
GroupSecurityReference (org.xwiki.security.GroupSecurityReference)3
SecurityReference (org.xwiki.security.SecurityReference)3
UserSecurityReference (org.xwiki.security.UserSecurityReference)3
AuthorizationException (org.xwiki.security.authorization.AuthorizationException)1
SecurityAccessEntry (org.xwiki.security.authorization.SecurityAccessEntry)1
SecurityEntry (org.xwiki.security.authorization.SecurityEntry)1
SecurityRuleEntry (org.xwiki.security.authorization.SecurityRuleEntry)1
SecurityShadowEntry (org.xwiki.security.authorization.cache.SecurityShadowEntry)1
