From 833b76c011ea086dd9727b64f59537809958bf3f Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Sat, 5 Apr 2008 03:42:16 +0000 Subject: [PATCH] SEC-676: Remove child ACLs from cache during delete. --- .../security/acls/jdbc/JdbcAclService.java | 4 ++-- .../security/acls/jdbc/JdbcAclServiceTests.java | 9 +++++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java b/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java index fe65229c48..974984a3c4 100644 --- a/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java +++ b/acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java @@ -81,13 +81,13 @@ public class JdbcAclService implements AclService { public Object mapRow(ResultSet rs, int rowNum) throws SQLException { String javaType = rs.getString("class"); - String identifier = rs.getString("obj_id"); + Long identifier = rs.getLong("obj_id"); return new ObjectIdentityImpl(javaType, identifier); } }); - return (ObjectIdentityImpl[]) objects.toArray(new ObjectIdentityImpl[] {}); + return (ObjectIdentityImpl[]) objects.toArray(new ObjectIdentityImpl[objects.size()]); } public Acl readAclById(ObjectIdentity object, Sid[] sids) throws NotFoundException { diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java index 666d73e1e1..5b767d04eb 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java @@ -20,6 +20,7 @@ import org.springframework.security.Authentication; import org.springframework.security.GrantedAuthority; import org.springframework.security.GrantedAuthorityImpl; import org.springframework.security.acls.AccessControlEntry; +import org.springframework.security.acls.Acl; import org.springframework.security.acls.AlreadyExistsException; import org.springframework.security.acls.ChildrenExistException; import org.springframework.security.acls.MutableAcl; @@ -225,11 +226,15 @@ public class JdbcAclServiceTests extends AbstractTransactionalDataSourceSpringCo /** * Test method that demonstrates eviction failure from cache - SEC-676 */ -/* public void testDeleteAclAlsoDeletesChildren() throws Exception { + public void testDeleteAclAlsoDeletesChildren() throws Exception { ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100)); ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101)); ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102)); + // Check the childOid really is a child of middleParentOid + Acl childAcl = jdbcMutableAclService.readAclById(childOid); + assertEquals(middleParentOid, childAcl.getParentAcl().getObjectIdentity()); + // Delete the mid-parent and test if the child was deleted, as well jdbcMutableAclService.deleteAcl(middleParentOid, true); @@ -251,7 +256,7 @@ public class JdbcAclServiceTests extends AbstractTransactionalDataSourceSpringCo Acl acl = jdbcMutableAclService.readAclById(topParentOid); assertNotNull(acl); assertEquals(((MutableAcl) acl).getObjectIdentity(), topParentOid); - }*/ + } public void testConstructorRejectsNullParameters() throws Exception { try {