org.apache.jackrabbit.api.security.user.UserManager Java Examples

/**
 * Installs a package that contains a "test-group" and a "test-user-a" as member of the group.
 */
@Test
public void installGroupA() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-group must not exist", mgr.getAuthorizable("test-group"));
    assertNull("test-user-a must not exist", mgr.getAuthorizable("test-user-a"));

    JcrPackage pack = packMgr.upload(getStream("/test-packages/group_with_a.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    // check if group exists
    Group grp = (Group) mgr.getAuthorizable("test-group");
    assertNotNull("test-group must exist", grp);
    User userA = (User) mgr.getAuthorizable("test-user-a");
    assertNotNull("test-user-a must exist", userA);
    assertTrue("test-user-a is member of test-group", grp.isMember(userA));
}
 

@After
public void tearDown() throws Exception {
    // remove test authorizables
    admin.refresh(false);
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    for (String id: getAllAuthorizableIds()) {
        if (!preTestAuthorizables.remove(id)) {
            removeAuthorizable(mgr, id);
        }
    }
    admin.save();

    packMgr = null;
    if (admin != null) {
        admin.logout();
        admin = null;
    }
}
 

@Test
public void installUserA_Profile_NonExistingUser() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    // install profile
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a_profile.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    Authorizable user = mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", user);

    // profile must exist
    assertProperty(user.getPath() + "/" + NAME_PROFILE_PROPERTY, "a");
}
 

@Test
public void installUserA_Profile_Picture_NonExistingUser() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    // install updated profile
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a_profile_picture.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    Authorizable user = mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", user);

    // image profile must exist
    assertNodeExists(user.getPath() + "/" + NAME_PROFILE_PICTURE_NODE);
}
 

@Activate
public void start(ActivatorConfiguration config) {
    String[] authorizableIds = config.pwdreset_authorizables();

    Session session = null;
    try {
        ResourceResolver resolver = resolverFactory.getAdministrativeResourceResolver(null);

        UserManager userManager = resolver.adaptTo(UserManager.class);
        session = resolver.adaptTo(Session.class);

        for (String authorizable : authorizableIds) {
            try {
                Authorizable user = userManager.getAuthorizable(authorizable);
                if (user != null) {
                    ((User) user).changePassword(authorizable);
                    if (!userManager.isAutoSave()) {
                        session.save();
                    }
                    log.info("Changed the password for {}", authorizable);
                } else {
                    log.error("Could not find authorizable {}", authorizable);
                }
            } catch (RepositoryException repEx) {
                log.error("Could not change password for {}", authorizable, repEx);
            }
        }
    } catch (LoginException loginEx) {
        log.error("Could not login to the repository", loginEx);
    } finally {
        if(session != null) {
            session.logout();
        }
    }
}
 

private void install_user_with_rep_cache(ImportMode mode) throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    // install user package
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_with_rep_cache.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    opts.setImportMode(mode);
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);
}
 

private void assertABC(UserManager mgr) throws RepositoryException {
    // check if group exists
    Group grp = (Group) mgr.getAuthorizable("test-group");
    assertNotNull("test-group must exist", grp);
    User userA = (User) mgr.getAuthorizable("test-user-a");
    User userB = (User) mgr.getAuthorizable("test-user-b");
    User userC = (User) mgr.getAuthorizable("test-user-c");
    assertNotNull("test-user-a must exist", userA);
    assertNotNull("test-user-b must exist", userB);
    assertNotNull("test-user-c must exist", userC);

    assertTrue("test-user-a is member of test-group", grp.isMember(userA));
    assertTrue("test-user-b is member of test-group", grp.isMember(userB));
    assertTrue("test-user-c is member of test-group", grp.isMember(userC));
}
 

/**
 * Installs 2 packages with "test-group" that contain test-user-a and test-user-b,test-user-c respectively.
 * since the import mode is merge, the memberships should be merged. this variant uses a renamed authorizable node name
 */
@Test
public void installGroupABC_renamed() throws RepositoryException, IOException, PackageException {
    // ensure that test users don't exist yet (proper setup)
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-group must not exist", mgr.getAuthorizable("test-group"));
    assertNull("test-user-a must not exist", mgr.getAuthorizable("test-user-a"));
    assertNull("test-user-b must not exist", mgr.getAuthorizable("test-user-b"));
    assertNull("test-user-c must not exist", mgr.getAuthorizable("test-user-c"));

    JcrPackage pack = packMgr.upload(getStream("/test-packages/group_with_bc.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    pack = packMgr.upload(getStream("/test-packages/group_with_a_moved.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());
    assertABC(mgr);
}
 

/**
 * Installs 2 packages with "test-group" that contain test-user-a and test-user-b,test-user-c respectively.
 * since the import mode is merge, the memberships should be merged.
 */
@Test
public void installGroupABC() throws RepositoryException, IOException, PackageException {
    // ensure that test users don't exist yet (proper setup)
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-group must not exist", mgr.getAuthorizable("test-group"));
    assertNull("test-user-a must not exist", mgr.getAuthorizable("test-user-a"));
    assertNull("test-user-b must not exist", mgr.getAuthorizable("test-user-b"));
    assertNull("test-user-c must not exist", mgr.getAuthorizable("test-user-c"));

    JcrPackage pack = packMgr.upload(getStream("/test-packages/group_with_a.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    pack = packMgr.upload(getStream("/test-packages/group_with_bc.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());
    assertABC(mgr);
}
 

@Override
public void tearDown() throws Exception {
    // remove test authorizables
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    removeAuthorizable(mgr, "test-group");
    removeAuthorizable(mgr, "test-user-a");
    removeAuthorizable(mgr, "test-user-b");
    removeAuthorizable(mgr, "test-user-c");
    admin.save();
    super.tearDown();
}
 

/**
 * Test if package extraction works w/o RW access to / and /tmp.
 */
@Test
public void testExtractWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException, PackageException {
    Assume.assumeTrue(!isOak());

    JcrPackage pack = packMgr.upload(getStream("/test-packages/tmp_foo.zip"), true, true);
    assertNotNull(pack);
    assertTrue(pack.isValid());
    PackageId id = pack.getPackage().getId();
    pack.close();

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, ((JcrPackageRegistry)packMgr.getRegistry()).getPackRootPaths()[0], principal1, new String[]{"jcr:all"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    JcrPackageManagerImpl userPackMgr = new JcrPackageManagerImpl(session, new String[0], null, null);
    pack = userPackMgr.open(id);
    ImportOptions opts = getDefaultOptions();
    pack.extract(opts);
    pack.close();
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

/**
 * Tests if package installation works w/o RW access to / and /tmp.
 * this currently fails, due to the creation of the snapshot.
 * also see {@link TestNoRootAccessExport#exportNoRootAccess()}
 */
@Test
@Ignore("JCRVLT-100")
public void testInstallWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException, PackageException {
    JcrPackage pack = packMgr.upload(getStream("/test-packages/tmp_foo.zip"), true, true);
    assertNotNull(pack);
    assertTrue(pack.isValid());
    PackageId id = pack.getPackage().getId();
    pack.close();

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, ((JcrPackageRegistry)packMgr.getRegistry()).getPackRootPaths()[0], principal1, new String[]{"jcr:all"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    JcrPackageManagerImpl userPackMgr = new JcrPackageManagerImpl(session, new String[0], null, null);
    pack = userPackMgr.open(id);
    ImportOptions opts = getDefaultOptions();
    pack.install(opts);
    pack.close();
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

/**
 * Installs a package with an install hook and an explicitly allowed user
 */
@Test
public void testHookWithAllowedNonAdminUser() throws RepositoryException, IOException, PackageException {
    if (admin.nodeExists("/testroot")) {
        admin.getNode("/testroot").remove();
    }
    admin.getRootNode().addNode("testroot", "nt:unstructured").addNode("testnode", "nt:unstructured");
    admin.save();
    
    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();
    
    // Setup test user ACLs that there are no restrictions
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, true);
    admin.save();
    
    Session userSession = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    try {
        packMgr = new JcrPackageManagerImpl(userSession, new String[0], new String[] {"user1"}, null);

        PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
        dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
        packMgr.setDispatcher(dispatcher);
        
        JcrPackage pack = packMgr.upload(getStream("/test-packages/test_hook.zip"), false);
        assertNotNull(pack);
        packMgr.getInternalRegistry().installPackage(userSession, new JcrRegisteredPackage(pack), getDefaultOptions(), true);
        assertTrue(admin.propertyExists("/testroot/hook-example"));
        
    } finally {
        userSession.logout();
    }
}
 

/**
 * Installs a package with an install hook and a not allowed user
 */
@Test
public void testHookWithNotAllowedNonAdminUser() throws RepositoryException, IOException, PackageException {
    if (admin.nodeExists("/testroot")) {
        admin.getNode("/testroot").remove();
    }
    admin.getRootNode().addNode("testroot", "nt:unstructured").addNode("testnode", "nt:unstructured");
    admin.save();
    
    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();
    
    // Setup test user ACLs that there are no restrictions
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, true);
    admin.save();
    
    Session userSession = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    try {
        packMgr = new JcrPackageManagerImpl(userSession, new String[0], null, null);

        PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
        dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
        packMgr.setDispatcher(dispatcher);
        
        JcrPackage pack = packMgr.upload(getStream("/test-packages/test_hook.zip"), false);
        assertNotNull(pack);
        thrown.expect(PackageException.class);
        thrown.expectMessage("Package extraction requires admin session as it has a hook");
        packMgr.getInternalRegistry().installPackage(userSession, new JcrRegisteredPackage(pack), getDefaultOptions(), true);
        
    
    } finally {
        userSession.logout();
    }
}
 

@Test
public void testImportWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException {
    Assume.assumeTrue(!isOak());

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    // Import with a session associated to the test user
    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    ZipArchive archive = new ZipArchive(getTempFile("/test-packages/tmp_foo.zip"));
    archive.open(true);
    ImportOptions opts = getDefaultOptions();
    Importer importer = new Importer(opts);
    importer.run(archive, session, "/");
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

@Test
public void testImportWithoutRootAccess() throws IOException, RepositoryException, ConfigurationException {
    Assume.assumeTrue(!isOak());

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    // Import with a session associated to the test user
    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    ZipArchive archive = new ZipArchive(getTempFile("/test-packages/tmp.zip"));
    archive.open(true);
    ImportOptions opts = getDefaultOptions();
    Importer importer = new Importer(opts);
    importer.run(archive, session, "/");
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

private void install_moved_user_with_rep_cache(ImportMode mode) throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    User u = mgr.createUser(ID_TEST_USER_A, ID_TEST_PASSWORD);
    String newPath = u.getPath() + "_moved";
    admin.move(u.getPath(), newPath);
    admin.save();

    Group g = mgr.createGroup(ID_TEST_GROUP_A);
    g.addMember(u);
    admin.save();

    // login to the repository to generate some rep:cache nodes
    repository.login(new SimpleCredentials(ID_TEST_USER_A, ID_TEST_PASSWORD.toCharArray())).logout();
    admin.refresh(false);

    // ensure that there is a rep:cache node
    assertNodeExists(newPath + "/rep:cache");

    // install user package
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    opts.setImportMode(mode);
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);
}
 

@Test
public void installUserA_Policy_Moved() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    User u = mgr.createUser(ID_TEST_USER_A, "nonce");
    String authPath = u.getPath();
    assertNotSame("authorizable path must be different than the one in the package", PARENT_PATH_TEST_USER_A, Text.getRelativeParent(authPath, 1));

    // assert that user does not have an ACL setup
    assertPermissionMissing(authPath, true, new String[]{"jcr:all"}, "everyone", null);

    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a_policy.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    opts.setImportMode(ImportMode.MERGE);
    opts.setAccessControlHandling(AccessControlHandling.MERGE_PRESERVE);
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);
    authPath = u.getPath();

    // assert that user has an ACL setup
    assertPermission(authPath, true, new String[]{"jcr:all"}, "everyone", null);
}
 

public final Set<String> getAllAuthorizableIds() throws RepositoryException {
    Set<String> ret = new HashSet<String>();
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    Iterator<Authorizable> auths = mgr.findAuthorizables("rep:principalName", null);
    while (auths.hasNext()) {
        ret.add(auths.next().getID());
    }
    return ret;
}
 

/**
 * Create user groups for authors and testers.
 *
 * @param bundleContext The bundle context provided by the component.
 */
private void createGroups(BundleContext bundleContext){
    ServiceReference SlingRepositoryFactoryReference = bundleContext.getServiceReference(SlingRepository.class.getName());
    SlingRepository repository = (SlingRepository)bundleContext.getService(SlingRepositoryFactoryReference);

    Session session = null;

    if (repository != null) {
        try {
            session = repository.loginAdministrative(null);

            if (session != null && session instanceof JackrabbitSession) {
                UserManager userManager = ((JackrabbitSession)session).getUserManager();
                ValueFactory valueFactory = session.getValueFactory();

                Authorizable authors = userManager.getAuthorizable(PublickConstants.GROUP_ID_AUTHORS);

                if (authors == null) {
                    authors = userManager.createGroup(PublickConstants.GROUP_ID_AUTHORS);
                    authors.setProperty(GROUP_DISPLAY_NAME, valueFactory.createValue(PublickConstants.GROUP_DISPLAY_AUTHORS));
                }

                Authorizable testers = userManager.getAuthorizable(PublickConstants.GROUP_ID_TESTERS);

                if (testers == null) {
                    testers = userManager.createGroup(PublickConstants.GROUP_ID_TESTERS);
                    testers.setProperty(GROUP_DISPLAY_NAME, valueFactory.createValue(PublickConstants.GROUP_DISPLAY_TESTERS));
                }
            }
        } catch (RepositoryException e) {
            LOGGER.error("Could not get session", e);
        } finally {
            if (session != null && session.isLive()) {
                session.logout();
                session = null;
            }
        }
    }
}
 

@PostConstruct
public void init() throws Exception {
    final Session session = resource.getResourceResolver().adaptTo(Session.class);
    final UserManager userManager = AccessControlUtil.getUserManager(session);
    user = (User) userManager.getAuthorizable(session.getUserID());
    userProperties = mapUserProperties(user);
}
 

private User installUserA(ImportMode mode, boolean usePkgPath, boolean expectPkgPath) throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    User u;
    if (usePkgPath) {
        u = mgr.createUser(ID_TEST_USER_A, ID_TEST_PASSWORD, new PrincipalImpl(ID_TEST_USER_A), PARENT_PATH_TEST_USER_A);
    } else {
        u = mgr.createUser(ID_TEST_USER_A, ID_TEST_PASSWORD);
    }
    final String authPath = u.getPath();
    if (usePkgPath) {
        assertEquals("authorizable path must be correct", PARENT_PATH_TEST_USER_A, Text.getRelativeParent(authPath, 1));
    } else {
        assertNotSame("authorizable path must be different than the one in the package", PARENT_PATH_TEST_USER_A, Text.getRelativeParent(authPath, 1));
    }

    // create test property and node
    u.setProperty(NAME_USER_PROPERTY, admin.getValueFactory().createValue("initial"));
    admin.getNode(u.getPath()).addNode(NAME_PROFILE_PRIVATE_NODE, NodeType.NT_UNSTRUCTURED);

    admin.save();

    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    if (mode != null) {
        opts.setImportMode(mode);
    }
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);

    // check path
    if (expectPkgPath) {
        assertEquals("authorizable path must be correct", PARENT_PATH_TEST_USER_A, Text.getRelativeParent(userA.getPath(), 1));
    } else {
        assertEquals("authorizable path must be correct", authPath, userA.getPath());
    }

    // check import mode dependent stuff
    if (mode == null || mode == ImportMode.REPLACE) {
        assertProperty(userA.getPath() + "/" + NAME_USER_PROPERTY, "a");
        assertProperty(userA.getPath() + "/" + NAME_PROFILE_FULLNAME, "Test User");
        assertNodeExists(userA.getPath() + "/" + NAME_PROFILE_NODE);
        assertNodeMissing(userA.getPath() + "/" + NAME_PROFILE_PRIVATE_NODE);
    } else if (mode == ImportMode.UPDATE) {
        assertProperty(userA.getPath() + "/" + NAME_USER_PROPERTY, "a");
        assertProperty(userA.getPath() + "/" + NAME_PROFILE_FULLNAME, "Test User");
        assertNodeExists(userA.getPath() + "/" + NAME_PROFILE_NODE);
        assertNodeExists(userA.getPath() + "/" + NAME_PROFILE_PRIVATE_NODE);
    } else if (mode == ImportMode.MERGE) {
        assertProperty(userA.getPath() + "/" + NAME_USER_PROPERTY, "initial");
        assertProperty(userA.getPath() + "/" + NAME_PROFILE_FULLNAME, "Test User");
        assertNodeExists(userA.getPath() + "/" + NAME_PROFILE_NODE);
        assertNodeExists(userA.getPath() + "/" + NAME_PROFILE_PRIVATE_NODE);
    }

    return userA;
}
 

public final void removeAuthorizable(UserManager mgr, String name) throws RepositoryException {
    Authorizable a = mgr.getAuthorizable(name);
    if (a != null) {
        a.remove();
    }
}
 

private static void createUsers(Session session) throws RepositoryException {
    UserManager userManager = ((JackrabbitSession) session).getUserManager();
    userManager.createUser("principal-1", "pwd-1");
    userManager.createUser("principal-2", "pwd-2");
    userManager.createUser("principal-3", "pwd-3");
}
 

public AuthorizableManagerImpl(UserManager userManager) {
  this.userManager = userManager;
}
 

public UserManagerWrapper(SessionWrapper<JackrabbitSession> sessionWrapper, UserManager delegate) {
    super(sessionWrapper, delegate);
}
 

@Override
public UserManager getUserManager() throws AccessDeniedException, UnsupportedRepositoryOperationException, RepositoryException {
    return new UserManagerWrapper(this, wrappedSession.getUserManager());
}
 

@Before
public void before() throws Exception {
    MockitoAnnotations.initMocks(this);

    when(mockConfiguration.pwdreset_authorizables()).thenReturn(new String[]{"admin"});
    when(mockResolverFactory.getAdministrativeResourceResolver(null)).thenReturn(mockResolver);
    when(mockResolver.adaptTo(UserManager.class)).thenReturn(mockUserManager);
    when(mockResolver.adaptTo(Session.class)).thenReturn(mockSession);
}