diff --git a/src/main/java/org/caosdb/server/accessControl/UserSources.java b/src/main/java/org/caosdb/server/accessControl/UserSources.java
index bd63da6fb7a116f0fb9c75f1724c93913e308a22..bbbb1bcbc75dd817380cc99a73dbce576f067c9d 100644
--- a/src/main/java/org/caosdb/server/accessControl/UserSources.java
+++ b/src/main/java/org/caosdb/server/accessControl/UserSources.java
@@ -88,6 +88,9 @@ public class UserSources extends HashMap<String, UserSource> {
* @return true iff the user identified by the given {@link Principal} exists.
*/
public static boolean isUserExisting(final Principal principal) {
+ if (principal.getRealm().equals(OneTimeAuthenticationToken.REALM_NAME)) {
+ return true;
+ }
UserSource userSource = instance.get(principal.getRealm());
if (userSource != null) {
return userSource.isUserExisting(principal.getUsername());
diff --git a/src/test/java/org/caosdb/server/permissions/EntityACLTest.java b/src/test/java/org/caosdb/server/permissions/EntityACLTest.java
index 1787c902f48124d692f8c53e4a73ed04564dfe8f..437d1affcfcea85521e8828b2e67083801a3f0c0 100644
--- a/src/test/java/org/caosdb/server/permissions/EntityACLTest.java
+++ b/src/test/java/org/caosdb/server/permissions/EntityACLTest.java
@@ -23,27 +23,36 @@
package org.caosdb.server.permissions;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
+import java.util.ArrayList;
import java.util.BitSet;
import java.util.HashSet;
import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.caosdb.server.CaosDBServer;
import org.caosdb.server.accessControl.AnonymousAuthenticationToken;
import org.caosdb.server.accessControl.AuthenticationUtils;
import org.caosdb.server.accessControl.Config;
+import org.caosdb.server.accessControl.CredentialsValidator;
import org.caosdb.server.accessControl.OneTimeAuthenticationToken;
+import org.caosdb.server.accessControl.Principal;
import org.caosdb.server.accessControl.Role;
import org.caosdb.server.database.BackendTransaction;
import org.caosdb.server.database.access.Access;
+import org.caosdb.server.database.backend.interfaces.RetrievePasswordValidatorImpl;
import org.caosdb.server.database.backend.interfaces.RetrievePermissionRulesImpl;
import org.caosdb.server.database.backend.interfaces.RetrieveRoleImpl;
+import org.caosdb.server.database.backend.interfaces.RetrieveUserImpl;
import org.caosdb.server.database.exceptions.TransactionException;
import org.caosdb.server.database.misc.TransactionBenchmark;
+import org.caosdb.server.database.proto.ProtoUser;
import org.caosdb.server.resource.AbstractCaosDBServerResource;
import org.caosdb.server.resource.AbstractCaosDBServerResource.XMLParser;
import org.caosdb.server.utils.Utils;
@@ -101,6 +110,54 @@ public class EntityACLTest {
}
}
+ public static class RetrievePasswordValidatorMockup implements RetrievePasswordValidatorImpl {
+
+ public RetrievePasswordValidatorMockup(Access a) {}
+
+ @Override
+ public void setTransactionBenchmark(TransactionBenchmark b) {}
+
+ @Override
+ public TransactionBenchmark getBenchmark() {
+ return null;
+ }
+
+ @Override
+ public CredentialsValidator<String> execute(String name) throws TransactionException {
+ if (name.equals("anonymous")) {
+ return new CredentialsValidator<String>() {
+
+ @Override
+ public boolean isValid(String credential) {
+ return false;
+ }
+ };
+ }
+ return null;
+ }
+ }
+
+ public static class RetrieveUserMockup implements RetrieveUserImpl {
+
+ public RetrieveUserMockup(Access a) {}
+
+ @Override
+ public void setTransactionBenchmark(TransactionBenchmark b) {}
+
+ @Override
+ public TransactionBenchmark getBenchmark() {
+ return null;
+ }
+
+ @Override
+ public ProtoUser execute(Principal principal) throws TransactionException {
+ if (principal.getUsername().equals("anonymous")) {
+ return new ProtoUser();
+ }
+ return null;
+ }
+ }
+
@BeforeClass
public static void init() throws IOException {
CaosDBServer.initServerProperties();
@@ -110,6 +167,9 @@ public class EntityACLTest {
BackendTransaction.setImpl(
RetrievePermissionRulesImpl.class, RetrievePermissionRulesMockup.class);
BackendTransaction.setImpl(RetrieveRoleImpl.class, RetrieveRoleMockup.class);
+ BackendTransaction.setImpl(
+ RetrievePasswordValidatorImpl.class, RetrievePasswordValidatorMockup.class);
+ BackendTransaction.setImpl(RetrieveUserImpl.class, RetrieveUserMockup.class);
}
@Test