SEC-532: added test method for SEC-655

core/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java

@@ -25,6 +25,7 @@ import org.springframework.security.acls.ChildrenExistException;
 import org.springframework.security.acls.MutableAcl;
 import org.springframework.security.acls.NotFoundException;
 import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.domain.AclImpl;
 import org.springframework.security.acls.domain.BasePermission;
 import org.springframework.security.acls.objectidentity.ObjectIdentity;
 import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
@@ -222,6 +223,9 @@ public class JdbcAclServiceTests extends AbstractTransactionalDataSourceSpringCo
         SecurityContextHolder.clearContext();
     }
     
+    /**
+     * Test method that demonstrates eviction failure from cache - SEC-676
+     */
 /*    public void testDeleteAclAlsoDeletesChildren() throws Exception {
         ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
         ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
@@ -357,6 +361,42 @@ public class JdbcAclServiceTests extends AbstractTransactionalDataSourceSpringCo
         assertNull(aclCache.getFromCache(new Long(102)));
     }
     
+    /**
+     * SEC-655
+     */
+/*    public void testClearChildrenFromCacheWhenParentIsUpdated() throws Exception {
+        Authentication auth = new TestingAuthenticationToken("ben", "ignored",
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ADMINISTRATOR")});
+        auth.setAuthenticated(true);
+        SecurityContextHolder.getContext().setAuthentication(auth);
+
+        ObjectIdentity parentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(104));
+        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(105));
+
+        MutableAcl parent = jdbcMutableAclService.createAcl(parentOid);
+        MutableAcl child = jdbcMutableAclService.createAcl(childOid);
+        
+        child.setParent(parent);
+        jdbcMutableAclService.updateAcl(child);
+
+        parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid);
+        parent.insertAce(null, BasePermission.READ, new PrincipalSid("ben"), true);
+        jdbcMutableAclService.updateAcl(parent);
+
+        parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid);
+        parent.insertAce(null, BasePermission.READ, new PrincipalSid("scott"), true);
+        jdbcMutableAclService.updateAcl(parent);
+
+        child = (MutableAcl) jdbcMutableAclService.readAclById(childOid);
+        parent = (MutableAcl) child.getParentAcl();
+
+        assertEquals("Fails because child has a stale reference to its parent", 2, parent.getEntries().length);
+        assertEquals(1, parent.getEntries()[0].getPermission().getMask());
+        assertEquals(new PrincipalSid("ben"), parent.getEntries()[0].getSid());
+        assertEquals(1, parent.getEntries()[1].getPermission().getMask());
+        assertEquals(new PrincipalSid("scott"), parent.getEntries()[1].getSid());
+    }*/
+    
 /*    public void testCumulativePermissions() {
    setComplete();
    Authentication auth = new TestingAuthenticationToken("ben", "ignored", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ADMINISTRATOR")});