@Test public void testMergeAclForTwoAllowRulesWillMergeThePermissionsAndFlagsOfTwoAclsForTheSameUser() { CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .addFlag(AclEntryFlag.DIRECTORY_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.DELETE) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<?> mergedAcl = checker.mergeAcl(new ConflictingCloudAclEntry(cloudAclEntry1, cloudAclEntry2)); Assert.assertEquals("user1", ((TestUserImpl)mergedAcl.getPrincipal()).getName()); Assert.assertEquals(AclEntryType.ALLOW, mergedAcl.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.DELETE, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY), mergedAcl.getPermissions()); Assert.assertEquals(EnumSet.of(AclEntryFlag.DIRECTORY_INHERIT, AclEntryFlag.FILE_INHERIT), mergedAcl.getFlags()); }
@Test public void testMergeAclForTwoDenyRulesWillMergeThePermissionsAndFlagsOfTwoAclsForTheSameUser() { CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .addFlag(AclEntryFlag.DIRECTORY_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.DELETE) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<?> mergedAcl = checker.mergeAcl(new ConflictingCloudAclEntry(cloudAclEntry1, cloudAclEntry2)); Assert.assertEquals("user1", ((TestUserImpl)mergedAcl.getPrincipal()).getName()); Assert.assertEquals(AclEntryType.DENY, mergedAcl.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.DELETE, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY), mergedAcl.getPermissions()); Assert.assertEquals(EnumSet.of(AclEntryFlag.DIRECTORY_INHERIT, AclEntryFlag.FILE_INHERIT), mergedAcl.getFlags()); }
private AclEntry createConfigurationAccessACLEntry(UserPrincipal user) { AclEntry entry = AclEntry .newBuilder() .setType(AclEntryType.ALLOW) .setPrincipal(user) .setPermissions( AclEntryPermission.WRITE_NAMED_ATTRS, AclEntryPermission.WRITE_DATA, AclEntryPermission.WRITE_ATTRIBUTES, AclEntryPermission.READ_ATTRIBUTES, AclEntryPermission.APPEND_DATA, AclEntryPermission.READ_DATA, AclEntryPermission.READ_NAMED_ATTRS, AclEntryPermission.READ_ACL, AclEntryPermission.SYNCHRONIZE, AclEntryPermission.DELETE) .setFlags(AclEntryFlag.FILE_INHERIT) .build(); return entry; }
@Test public void testCloneProducesAnEquivalentAclEntry() { TestUserImpl testUser = new TestUserImpl("user1"); CloudAclEntryBuilder<UserPrincipal> builder = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addFlag(AclEntryFlag.DIRECTORY_INHERIT) .setPrincipal(testUser) .setType(AclEntryType.ALLOW); CloudAclEntry<UserPrincipal> unclonedEntry = builder.build(); CloudAclEntry<UserPrincipal> clonedEntry = builder.clone().build(); Assert.assertEquals(unclonedEntry, clonedEntry); }
public EnumSet<AclEntryFlag> getFlags() { return flags; }
public void setFlags(EnumSet<AclEntryFlag> flags) { this.flags = flags; }
public CloudAclEntryBuilder<T> addFlag(AclEntryFlag flag) { cloudAclEntry.getFlags().add(flag); return this; }
public CloudAclEntryBuilder<T> addFlags(AclEntryFlag... flags) { Arrays.stream(flags).forEach(f -> addFlag(f)); return this; }
public CloudAclEntryBuilder<T> addFlags(EnumSet<AclEntryFlag> flags) { flags.forEach(f -> addFlag(f)); return this; }
@Test public void testMergeAclsWillMergeAllMergeableAclsInTheSet() { CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .addFlag(AclEntryFlag.DIRECTORY_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.DELETE) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry3 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user2")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry4 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry5 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user3")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry6 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user2")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.DELETE) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntrySet entrySet = checker.mergeAcls(AnonymousUserPrincipal.INSTANCE, cloudAclEntry1, cloudAclEntry2, cloudAclEntry3, cloudAclEntry4, cloudAclEntry5, cloudAclEntry6); Assert.assertTrue(entrySet.isOwner(AnonymousUserPrincipal.INSTANCE)); Assert.assertEquals(3, entrySet.size()); Iterator<CloudAclEntry<?>> iterator = entrySet.iterator(); while (iterator.hasNext()) { CloudAclEntry<?> entry = iterator.next(); String userName = ((TestUserImpl)entry.getPrincipal()).getName(); switch (userName) { case "user1": Assert.assertEquals(AclEntryType.DENY, entry.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.DELETE, AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA), entry.getPermissions()); break; case "user2": Assert.assertEquals(AclEntryType.ALLOW, entry.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA, AclEntryPermission.DELETE), entry.getPermissions()); break; case "user3": Assert.assertEquals(AclEntryType.ALLOW, entry.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA), entry.getPermissions()); break; default: Assert.fail("Unexpected user entry " + entry); } } }
private List<AclEntry> getLocalAclEntries(ItemType type, List<AclEntry> parentAclList, List<AclEntry> childAclList) { List<AclEntry> aclList = new ArrayList<>(); for (AclEntry childEntry : childAclList) { boolean found = false; for (AclEntry parentEntry : parentAclList) { if (!parentEntry.type().equals(childEntry.type())) continue; if (!parentEntry.principal().equals(childEntry.principal())) continue; if (!parentEntry.permissions().equals(childEntry.permissions())) continue; if (!parentEntry.flags().equals(childEntry.flags())) { if (parentEntry.flags().contains(AclEntryFlag.INHERIT_ONLY)) { found = true; break; } else { if (type.equals(ItemType.FOLDER)) { if (parentEntry.flags().contains(AclEntryFlag.DIRECTORY_INHERIT)) { found = true; break; } } else { if (parentEntry.flags().contains(AclEntryFlag.FILE_INHERIT)) { found = true; break; } } } continue; } found = true; break; } if (found) continue; // System.out.println("CHILD: "+childEntry.toString()); /* * System.out.println("\n\n"); * System.out.println("CHILD: "+childEntry.toString()); * * for(AclEntry parentEntry : parentAclList){ * * System.out.println("PARENT: "+parentEntry.toString()); } * * System.out.println("\n\n"); */ aclList.add(childEntry); } return aclList; }
