Ensure that array of valid permissions can't be modified outside the class
This commit is contained in:
Carlos Sanchez
parent
38ec0f0d30
commit
27d2db9e22
|
|
@ -44,17 +44,18 @@ public class SimpleAclEntry extends AbstractBasicAclEntry {
|
|||
public static final int READ_WRITE_DELETE = READ | WRITE | DELETE;
|
||||
|
||||
// Array required by the abstract superclass via getValidPermissions()
|
||||
private static final int[] validPermissions = {
|
||||
private static final int[] VALID_PERMISSIONS = {
|
||||
NOTHING, ADMINISTRATION, READ, WRITE, CREATE, DELETE, READ_WRITE_CREATE_DELETE, READ_WRITE_CREATE,
|
||||
READ_WRITE, READ_WRITE_DELETE
|
||||
};
|
||||
|
||||
private static final String[] VALID_PERMISSIONS_AS_STRING = {
|
||||
"NOTHING", "ADMINISTRATION", "READ", "WRITE", "CREATE", "DELETE", "READ_WRITE_CREATE_DELETE", "READ_WRITE_CREATE",
|
||||
"READ_WRITE", "READ_WRITE_DELETE" };
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
/**
|
||||
/**
|
||||
* Allows {@link BasicAclDao} implementations to construct this object
|
||||
* using <code>newInstance()</code>.
|
||||
*
|
||||
|
|
@ -73,8 +74,11 @@ public class SimpleAclEntry extends AbstractBasicAclEntry {
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
/**
|
||||
* @return a copy of the permissions array, changes to the values won't affect this class.
|
||||
*/
|
||||
public int[] getValidPermissions() {
|
||||
return validPermissions;
|
||||
return (int[]) VALID_PERMISSIONS.clone();
|
||||
}
|
||||
|
||||
public String printPermissionsBlock(int i) {
|
||||
|
|
@ -123,8 +127,9 @@ public class SimpleAclEntry extends AbstractBasicAclEntry {
|
|||
*/
|
||||
public static int parsePermission(String permission) {
|
||||
for (int i = 0; i < VALID_PERMISSIONS_AS_STRING.length; i++) {
|
||||
if (VALID_PERMISSIONS_AS_STRING[i].equalsIgnoreCase(permission))
|
||||
return validPermissions[i];
|
||||
if (VALID_PERMISSIONS_AS_STRING[i].equalsIgnoreCase(permission)) {
|
||||
return VALID_PERMISSIONS[i];
|
||||
}
|
||||
}
|
||||
throw new IllegalArgumentException("Permission provided does not exist: " + permission);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -172,13 +172,13 @@ public class SimpleAclEntryTests extends TestCase {
|
|||
}
|
||||
|
||||
public void testParsePermission() {
|
||||
assertPermission("NOTHING", 0);
|
||||
assertPermission("ADMINISTRATION", 1);
|
||||
assertPermission("READ", 2);
|
||||
assertPermission("WRITE", 4);
|
||||
assertPermission("CREATE", 8);
|
||||
assertPermission("DELETE", 16);
|
||||
assertPermission("READ_WRITE_DELETE", 22);
|
||||
assertPermission("NOTHING", SimpleAclEntry.NOTHING);
|
||||
assertPermission("ADMINISTRATION", SimpleAclEntry.ADMINISTRATION);
|
||||
assertPermission("READ", SimpleAclEntry.READ);
|
||||
assertPermission("WRITE", SimpleAclEntry.WRITE);
|
||||
assertPermission("CREATE", SimpleAclEntry.CREATE);
|
||||
assertPermission("DELETE", SimpleAclEntry.DELETE);
|
||||
assertPermission("READ_WRITE_DELETE", SimpleAclEntry.READ_WRITE_DELETE);
|
||||
}
|
||||
|
||||
public void testParsePermissionWrongValues() {
|
||||
|
|
@ -193,4 +193,15 @@ public class SimpleAclEntryTests extends TestCase {
|
|||
private void assertPermission(String permission, int value) {
|
||||
assertEquals(value, SimpleAclEntry.parsePermission(permission));
|
||||
}
|
||||
|
||||
/**
|
||||
* Check that the value returned by {@link SimpleAclEntry#getValidPermissions()} is not modifiable.
|
||||
*/
|
||||
public void testGetPermissions() {
|
||||
SimpleAclEntry acl = new SimpleAclEntry("", new NamedEntityObjectIdentity("x", "x"), null, 0);
|
||||
int[] permissions = acl.getValidPermissions();
|
||||
int i = permissions[0];
|
||||
permissions[0] -= 100;
|
||||
assertEquals("Value returned by getValidPermissions can be modified", i, acl.getValidPermissions()[0]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -446,13 +446,13 @@ public class BasicAclEntryVoterTests extends TestCase {
|
|||
}
|
||||
|
||||
public void testSetRequirePermissionFromString() {
|
||||
assertPermission("NOTHING", 0);
|
||||
assertPermission("ADMINISTRATION", 1);
|
||||
assertPermission("READ", 2);
|
||||
assertPermission("WRITE", 4);
|
||||
assertPermission("CREATE", 8);
|
||||
assertPermission("DELETE", 16);
|
||||
assertPermission(new String[] { "WRITE", "CREATE" }, new int[] { 4, 8 });
|
||||
assertPermission("NOTHING", SimpleAclEntry.NOTHING);
|
||||
assertPermission("ADMINISTRATION", SimpleAclEntry.ADMINISTRATION);
|
||||
assertPermission("READ", SimpleAclEntry.READ);
|
||||
assertPermission("WRITE", SimpleAclEntry.WRITE);
|
||||
assertPermission("CREATE", SimpleAclEntry.CREATE);
|
||||
assertPermission("DELETE", SimpleAclEntry.DELETE);
|
||||
assertPermission(new String[] { "WRITE", "CREATE" }, new int[] { SimpleAclEntry.WRITE, SimpleAclEntry.CREATE });
|
||||
}
|
||||
|
||||
public void testSetRequirePermissionFromStringWrongValues() {
|
||||
|
|
|
|||
Loading…
Reference in New Issue