CCM NG: Secured collections (not all tested yet)

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3751 8810af33-2d31-482b-a856-94f89814c4df
2015-11-26 14:42:43 +00:00 · 2015-11-26 14:42:43 +00:00 · 80eeb7960a
parent 8da5c31279
commit 80eeb7960a
10 changed files with 1141 additions and 141 deletions
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java
@ -44,14 +44,17 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
    private final Class<E> clazz;
-    private final String privilege;
+    private final String requiredPrivilege;
    private final SecuredHelper<E> securedHelper;
    public SecuredCollection(final Collection<E> collection,
                             final Class<E> clazz,
-                             final String privilege) {
+                             final String requiredPrivilege) {
        this.collection = collection;
        this.clazz = clazz;
-        this.privilege = privilege;
+        this.requiredPrivilege = requiredPrivilege;
        this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
    }
    @Override
@ -71,7 +74,7 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
    @Override
    public Iterator<E> iterator() {
-        return new SecuredIterator<>(collection.iterator(), clazz, privilege);
+        return new SecuredIterator<>(collection.iterator(), clazz, requiredPrivilege);
    }
    @Override
@ -88,8 +91,8 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
        final Object[] objects = collection.toArray();
        for (int i = 0; i < objects.length; i++) {
-            if (!permissionChecker.isPermitted(privilege, (E) objects[i])) {
+            if (!permissionChecker.isPermitted(requiredPrivilege, (E) objects[i])) {
-                objects[i] = generateAccessDeniedObject(clazz);
+                objects[i] = securedHelper.generateAccessDeniedObject();
            }
        }
@ -110,8 +113,8 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
        final T[] objects = collection.toArray(array);
        for(int i = 0; i < objects.length; i++) {
-            if (!permissionChecker.isPermitted(privilege, (CcmObject) objects[i])) {
+            if (!permissionChecker.isPermitted(requiredPrivilege, (CcmObject) objects[i])) {
-                objects[i] = (T) generateAccessDeniedObject(clazz);
+                objects[i] = (T) securedHelper.generateAccessDeniedObject();
            }
        }
        return objects;
@ -153,18 +156,18 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
        collection.clear();
    }
-    private E generateAccessDeniedObject(final Class<E> clazz) {
+//    private E generateAccessDeniedObject(final Class<E> clazz) {
-        final E placeholder;
+//        final E placeholder;
-        try {
+//        try {
-            placeholder = clazz.newInstance();
+//            placeholder = clazz.newInstance();
-            placeholder.setDisplayName("Access denied");
+//            placeholder.setDisplayName("Access denied");
-
+//
-            return placeholder;
+//            return placeholder;
-        } catch (InstantiationException | IllegalAccessException ex) {
+//        } catch (InstantiationException | IllegalAccessException ex) {
-            LOGGER.error(
+//            LOGGER.error(
-                "Failed to create placeholder object. Returing null.", ex);
+//                "Failed to create placeholder object. Returing null.", ex);
-            return null;
+//            return null;
-        }
+//        }
-    }
+//    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java
@ -0,0 +1,97 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import com.arsdigita.util.UncheckedWrapperException;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.libreccm.cdi.utils.CdiLookupException;
 import org.libreccm.cdi.utils.CdiUtil;
 import org.libreccm.core.CcmObject;
 /**
 * A helper class used by the secured collections provided by this package.
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 */
 class SecuredHelper<E extends CcmObject> {
    private final static Logger LOGGER = LogManager.getLogger(
            SecuredHelper.class);
    private final Class<E> clazz;
    private final String requiredPrivilege;
    protected SecuredHelper(final Class<E> clazz,
                            final String requiredPrivilege) {
        this.clazz = clazz;
        this.requiredPrivilege = requiredPrivilege;
    }
    /**
     * Check if the current subject has the permission to access to provided
     * object with the provided privilege.
     *
     * @param object The object to check.
     * @return The provided {@code object} if the current subject has the
     * permission to access it with the provided {@code privilege}. Otherwise a
     * placeholder object is returned whichs {@link CcmObject#displayName}
     * property is set to {@code Access denied}.
     */
    protected E canAccess(final E object) {
        if (object == null) {
            return null;
        }
        final CdiUtil cdiUtil = new CdiUtil();
        final PermissionChecker permissionChecker;
        try {
            permissionChecker = cdiUtil.findBean(
                    PermissionChecker.class);
        } catch (CdiLookupException ex) {
            throw new UncheckedWrapperException(ex);
        }
        if (permissionChecker.isPermitted(requiredPrivilege, object)) {
            return object;
        } else {
            return generateAccessDeniedObject();
        }
    }
    /**
     * Helper method for creating an "Access denied" placeholder object.
     *
     * @return An object of the provided {@link #clazz} with it's
     * {@link CcmObject#displayName} property set to {@code Access denied}.
     */
    protected E generateAccessDeniedObject() {
        try {
            final E placeholder = clazz.newInstance();
            placeholder.setDisplayName("Access denied");
            return placeholder;
        } catch (InstantiationException | IllegalAccessException ex) {
            LOGGER.error(
                    "Failed to create placeholder object. Returing null.", ex);
            return null;
        }
    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java
@ -37,14 +37,9 @@ import java.util.Iterator;
 */
 public class SecuredIterator<E extends CcmObject> implements Iterator<E> {
    private static final Logger LOGGER = LogManager.getLogger(
        SecuredIterator.class);
    private final Iterator<E> iterator;
-    private final Class<E> clazz;
+    private final SecuredHelper<E> securedHelper;
    private final String requiredPrivilege;
    /**
     * Create a new secured iterator which secures the provided iterator.
@ -58,8 +53,7 @@ public class SecuredIterator<E extends CcmObject> implements Iterator<E> {
                           final Class<E> clazz,
                           final String requiredPrivilege) {
        this.iterator = iterator;
-        this.clazz = clazz;
+        this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
        this.requiredPrivilege = requiredPrivilege;
    }
    /**
@ -89,30 +83,7 @@ public class SecuredIterator<E extends CcmObject> implements Iterator<E> {
     */
    @Override
    public E next() {
-        final CdiUtil cdiUtil = new CdiUtil();
+        return securedHelper.canAccess(iterator.next());
        final PermissionChecker permissionChecker;
        try {
            permissionChecker = cdiUtil.findBean(
                PermissionChecker.class);
        } catch (CdiLookupException ex) {
            throw new UncheckedWrapperException(ex);
        }
        final E object = iterator.next();
        if (permissionChecker.isPermitted(requiredPrivilege, object)) {
            return object;
        } else {
            try {
                final E placeholder = clazz.newInstance();
                placeholder.setDisplayName("Access denied");
                return placeholder;
            } catch (InstantiationException | IllegalAccessException ex) {
                LOGGER.error(
                    "Failed to create placeholder object. Returing null.", ex);
                return null;
            }
        }
    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredList.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredList.java
@ -0,0 +1,107 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import java.util.Collection;
 import java.util.List;
 import java.util.ListIterator;
 import org.libreccm.core.CcmObject;
 /**
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 * @param <E>
 */
 public class SecuredList<E extends CcmObject>
        extends SecuredCollection<E>
        implements List<E> {
    private final List<E> list;
    private final Class<E> clazz;
    private final String requiredPrivilege;
    private final SecuredHelper<E> securedHelper;
    public SecuredList(final List<E> list,
                       final Class<E> clazz,
                       final String requiredPrivilege) {
        super(list, clazz, requiredPrivilege);
        this.list = list;
        this.clazz = clazz;
        this.requiredPrivilege = requiredPrivilege;
        this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
    }
    @Override
    public boolean addAll(final int index,
                          final Collection<? extends E> collection) {
        return list.addAll(index, collection);
    }
    @Override
    public E get(final int index) {
        return securedHelper.canAccess(list.get(index));
    }
    @Override
    public E set(final int index, final E element) {
        return list.set(index, element);
    }
    @Override
    public void add(final int index, final E element) {
        list.add(index, element);
    }
    @Override
    public E remove(final int index) {
        return list.remove(index);
    }
    @Override
    public int indexOf(final Object object) {
        return list.indexOf(object);
    }
    @Override
    public int lastIndexOf(final Object object) {
        return list.lastIndexOf(object);
    }
    @Override
    public ListIterator<E> listIterator() {
        return new SecuredListIterator<>(list.listIterator(),
                                         clazz,
                                         requiredPrivilege);
    }
    @Override
    public ListIterator<E> listIterator(final int index) {
        return new SecuredListIterator<>(list.listIterator(index),
                                         clazz,
                                         requiredPrivilege);
    }
    @Override
    public List<E> subList(final int index1, final int index2) {
        return new SecuredList<>(list.subList(index1, index2),
                                 clazz,
                                 requiredPrivilege);
    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java
@ -0,0 +1,84 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import java.util.ListIterator;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.libreccm.core.CcmObject;
 /**
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 * @param <E>
 */
 public class SecuredListIterator<E extends CcmObject>
        extends SecuredIterator<E>
        implements ListIterator<E> {
    private final static Logger LOGGER = LogManager.getLogger(
            SecuredListIterator.class);
    private final ListIterator<E> iterator;
    private final SecuredHelper<E> securedHelper;
    public SecuredListIterator(final ListIterator<E> iterator,
                               final Class<E> clazz,
                               final String requiredPrivilege) {
        super(iterator, clazz, requiredPrivilege);
        this.iterator = iterator;
        this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
    }
    @Override
    public boolean hasPrevious() {
        return iterator.hasPrevious();
    }
    @Override
    public E previous() {
        return securedHelper.canAccess(iterator.previous());
    }
    @Override
    public int nextIndex() {
        return iterator.nextIndex();
    }
    @Override
    public int previousIndex() {
        return iterator.previousIndex();
    }
    @Override
    public void remove() {
        iterator.remove();
    }
    @Override
    public void set(final E element) {
        iterator.set(element);
    }
    @Override
    public void add(final E element) {
        iterator.add(element);
    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java
@ -0,0 +1,122 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import java.util.Iterator;
 import java.util.NavigableSet;
 import org.libreccm.core.CcmObject;
 /**
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 * @param <E>
 */
 public class SecuredNavigableSet<E extends CcmObject>
        extends SecuredSortedSet<E>
        implements NavigableSet<E> {
    private final NavigableSet<E> set;
    private final Class<E> clazz;
    private final String requiredPrivilege;
    private final SecuredHelper<E> securedHelper;
    public SecuredNavigableSet(final NavigableSet<E> set,
                               final Class<E> clazz,
                               final String requiredPrivilege) {
        super(set, clazz, requiredPrivilege);
        this.set = set;
        this.clazz = clazz;
        this.requiredPrivilege = requiredPrivilege;
        this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
    }
    @Override
    public E lower(final E element) {
        return securedHelper.canAccess(set.lower(element));
    }
    @Override
    public E floor(final E element) {
        return securedHelper.canAccess(set.floor(element));
    }
    @Override
    public E ceiling(final E element) {
        return securedHelper.canAccess(set.ceiling(element));
    }
    @Override
    public E higher(final E element) {
        return securedHelper.canAccess(set.higher(element));
    }
    @Override
    public E pollFirst() {
        return securedHelper.canAccess(set.pollFirst());
    }
    @Override
    public E pollLast() {
        return securedHelper.canAccess(set.pollLast());
    }
    @Override
    public NavigableSet<E> descendingSet() {
        return new SecuredNavigableSet<>(set.descendingSet(),
                                         clazz,
                                         requiredPrivilege);
    }
    @Override
    public Iterator<E> descendingIterator() {
        return new SecuredIterator<>(set.descendingIterator(),
                                     clazz,
                                     requiredPrivilege);
    }
    @Override
    public NavigableSet<E> subSet(final E fromElement,
                                  final boolean fromInclusive,
                                  final E toElement,
                                  final boolean toInclusive) {
        return new SecuredNavigableSet<>(set.subSet(toElement,
                                                    toInclusive,
                                                    toElement,
                                                    toInclusive),
                                         clazz,
                                         requiredPrivilege);
    }
    @Override
    public NavigableSet<E> headSet(final E toElement,
                                   final boolean inclusive) {
        return new SecuredNavigableSet<>(set.headSet(toElement, inclusive),
                                         clazz,
                                         requiredPrivilege);
    }
    @Override
    public NavigableSet<E> tailSet(final E fromElement,
                                   final boolean inclusive) {
        return new SecuredNavigableSet<>(set.tailSet(fromElement, inclusive),
                                         clazz,
                                         requiredPrivilege);
    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredSet.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredSet.java
@ -0,0 +1,39 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import java.util.Set;
 import org.libreccm.core.CcmObject;
 /**
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 * @param <E>
 */
 public class SecuredSet<E extends CcmObject>
        extends SecuredCollection<E>
        implements Set<E> {
    public SecuredSet(final Set<E> set, 
                      final Class<E> clazz,
                      final String requiredPrivilege) {
        super(set, clazz, requiredPrivilege);
    }
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java
@ -0,0 +1,87 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import java.util.Comparator;
 import java.util.Set;
 import java.util.SortedSet;
 import org.libreccm.core.CcmObject;
 /**
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 * @param <E>
 */
 public class SecuredSortedSet<E extends CcmObject>
        extends SecuredSet<E>
        implements SortedSet<E> {
    private final SortedSet<E> set;
    private final Class<E> clazz;
    private final String requiredPrivilege;
    private final SecuredHelper<E> securedHelper;
    public SecuredSortedSet(final SortedSet<E> set,
                            final Class<E> clazz,
                            final String requiredPrivilege) {
        super(set, clazz, requiredPrivilege);
        this.set = set;
        this.clazz = clazz;
        this.requiredPrivilege = requiredPrivilege;
        this.securedHelper = new SecuredHelper(clazz, requiredPrivilege);
    }
    @Override
    public Comparator<? super E> comparator() {
        return set.comparator();
    }
    @Override
    public SortedSet<E> subSet(final E element1,
                               final E element2) {
        return new SecuredSortedSet<>(set.subSet(element1, element2),
                                      clazz,
                                      requiredPrivilege);
    }
    @Override
    public SortedSet<E> headSet(final E element) {
        return new SecuredSortedSet<>(set.headSet(element),
                                      clazz,
                                      requiredPrivilege);
    }
    @Override
    public SortedSet<E> tailSet(final E element) {
        return new SecuredSortedSet<>(set.tailSet(element),
                                      clazz,
                                      requiredPrivilege);
    }
    @Override
    public E first() {
        return securedHelper.canAccess(set.first());
    }
    @Override
    public E last() {
        return securedHelper.canAccess(set.last());
    }
 }
--- a/ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java
+++ b/ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java
@ -0,0 +1,504 @@
 /*
 * Copyright (C) 2015 LibreCCM Foundation.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301  USA
 */
 package org.libreccm.security;
 import com.arsdigita.kernel.KernelConfig;
 import com.arsdigita.kernel.security.SecurityConfig;
 import com.arsdigita.runtime.AbstractConfig;
 import com.arsdigita.util.UncheckedWrapperException;
 import com.arsdigita.util.parameter.AbstractParameterContext;
 import com.arsdigita.web.CCMApplicationContextListener;
 import com.arsdigita.xml.XML;
 import com.arsdigita.xml.formatters.DateTimeFormatter;
 import java.io.File;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.Callable;
 import javax.inject.Inject;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.subject.Subject;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.junit.InSequence;
 import org.jboss.arquillian.persistence.CreateSchema;
 import org.jboss.arquillian.persistence.PersistenceTest;
 import org.jboss.arquillian.persistence.UsingDataSet;
 import org.jboss.arquillian.transaction.api.annotation.TransactionMode;
 import org.jboss.arquillian.transaction.api.annotation.Transactional;
 import org.jboss.shrinkwrap.api.ShrinkWrap;
 import org.jboss.shrinkwrap.api.asset.EmptyAsset;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
 import org.jboss.shrinkwrap.resolver.api.maven.Maven;
 import org.jboss.shrinkwrap.resolver.api.maven.PomEquippedResolveStage;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.junit.runner.RunWith;
 import org.libreccm.categorization.Categorization;
 import org.libreccm.cdi.utils.CdiUtil;
 import org.libreccm.core.CcmObject;
 import org.libreccm.core.CcmObjectRepository;
 import org.libreccm.jpa.EntityManagerProducer;
 import org.libreccm.jpa.utils.MimeTypeConverter;
 import org.libreccm.l10n.LocalizedString;
 import org.libreccm.tests.categories.IntegrationTest;
 import org.libreccm.testutils.EqualsVerifier;
 import org.libreccm.web.CcmApplication;
 import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.*;
 /**
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 */
@Category(IntegrationTest.class)
@RunWith(Arquillian.class)
@PersistenceTest
@Transactional(TransactionMode.COMMIT)
@CreateSchema({"create_ccm_core_schema.sql"})
 public class SecuredCollectionTest {
    private static final String ACCESS_DENIED = "Access denied";
    @Inject
    private Subject subject;
    @Inject
    private Shiro shiro;
    @Inject
    private CcmObjectRepository objectRepository;
    //private List<CcmObject> list;
    private SecuredCollection<CcmObject> collection1;
    private SecuredCollection<CcmObject> collection2;
    private SecuredCollection<CcmObject> collection3;
    public SecuredCollectionTest() {
    }
    @BeforeClass
    public static void setUpClass() {
    }
    @AfterClass
    public static void tearDownClass() {
    }
    @Before
    public void setUp() {
        final CcmObject object1 = objectRepository.findById(-20001L);
        final CcmObject object2 = objectRepository.findById(-20002L);
        final CcmObject object3 = objectRepository.findById(-20003L);
        final List<CcmObject> list = new ArrayList<>();
        list.add(object1);
        list.add(object2);
        list.add(object3);
        collection1 = new SecuredCollection<>(list,
                                              CcmObject.class,
                                              "privilege1");
        collection2 = new SecuredCollection<>(list,
                                              CcmObject.class,
                                              "privilege2");
        collection3 = new SecuredCollection<>(list,
                                              CcmObject.class,
                                              "privilege3");
    }
    @After
    public void tearDown() {
    }
    @Deployment
    public static WebArchive createDeployment() {
        final PomEquippedResolveStage pom = Maven
                .resolver()
                .loadPomFromFile("pom.xml");
        final PomEquippedResolveStage dependencies = pom.
                importCompileAndRuntimeDependencies();
        final File[] libs = dependencies.resolve().withTransitivity().asFile();
        for (File lib : libs) {
            System.err.printf("Adding file '%s' to test archive...%n",
                              lib.getName());
        }
        return ShrinkWrap
                .create(WebArchive.class,
                        "LibreCCM-org.libreccm.security.SecuredCollectionTest.war").
                addPackage(User.class.getPackage())
                .addPackage(CcmObject.class.getPackage())
                .addPackage(Categorization.class.getPackage())
                .addPackage(LocalizedString.class.getPackage())
                .addPackage(CcmApplication.class.getPackage())
                .addPackage(EntityManagerProducer.class.getPackage())
                .addPackage(MimeTypeConverter.class.getPackage())
                .addPackage(EqualsVerifier.class.getPackage())
                .addPackage(IntegrationTest.class.getPackage())
                .addPackage(KernelConfig.class.getPackage())
                .addPackage(SecurityConfig.class.getPackage())
                .addPackage(AbstractConfig.class.getPackage())
                .addPackage(AbstractParameterContext.class.getPackage())
                .addPackage(UncheckedWrapperException.class.getPackage())
                .addPackage(CCMApplicationContextListener.class.getPackage())
                .addPackage(XML.class.getPackage())
                .addPackage(DateTimeFormatter.class.getPackage())
                .addPackage(CdiUtil.class.getPackage())
                .addAsLibraries(libs)
                .addAsResource("test-persistence.xml",
                               "META-INF/persistence.xml")
                .addAsResource("com/arsdigita/kernel/"
                                       + "KernelConfig_parameter.properties",
                               "com/arsdigita/kernel/"
                                       + "KernelConfig_parameter.properties")
                .addAsResource("com/arsdigita/kernel/security/"
                                       + "SecurityConfig_parameter.properties",
                               "com/arsdigita/kernel/security/"
                                       + "SecurityConfig_parameter.properties")
                .addAsWebInfResource(
                        "configs/org/libreccm/security/UserManagerTest/"
                                + "registry.properties",
                        "conf/registry/registry.properties")
                .addAsResource(
                        "configs/org/libreccm/security/UserManagerTest/ccm-core.config",
                        "ccm-core.config")
                .addAsResource(
                        "configs/org/libreccm/security/ShiroTest/shiro.ini",
                        "shiro.ini")
                .addAsResource(
                        "configs/org/libreccm/security/ShiroTest/log4j2.xml",
                        "log4j2.xml")
                .addAsWebInfResource(
                        "configs/org/libreccm/security/ShiroTest/"
                                + "kernel.properties",
                        "conf/registry/ccm-core/kernel.properties")
                .addAsWebInfResource(
                        "configs/org/libreccm//security/ShiroTest/"
                                + "security.properties",
                        "conf/registry/ccm-core/security.properties")
                .addAsWebInfResource("test-web.xml", "web.xml")
                .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(100)
    public void checkToArrayJdoe() {
        final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
                                                                      "foo123");
        token.setRememberMe(true);
        subject.login(token);
        final Object[] array1 = collection1.toArray();
        assertThat(array1.length, is(3));
        assertThat(array1[0], is(instanceOf(CcmObject.class)));
        assertThat(array1[1], is(instanceOf(CcmObject.class)));
        assertThat(array1[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array1[0]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array1[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array1[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        final Object[] array2 = collection2.toArray();
        assertThat(array2.length, is(3));
        assertThat(array2[0], is(instanceOf(CcmObject.class)));
        assertThat(array2[1], is(instanceOf(CcmObject.class)));
        assertThat(array2[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array2[0]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array2[1]).getDisplayName(),
                   is(equalTo("object2")));
        assertThat(((CcmObject) array2[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        final Object[] array3 = collection3.toArray();
        assertThat(array3.length, is(3));
        assertThat(array3[0], is(instanceOf(CcmObject.class)));
        assertThat(array3[1], is(instanceOf(CcmObject.class)));
        assertThat(array3[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array3[0]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array3[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array3[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(200)
    public void checkToArrayMmuster() {
        final UsernamePasswordToken token = new UsernamePasswordToken("mmuster",
                                                                      "foo123");
        token.setRememberMe(true);
        subject.login(token);
        final Object[] array1 = collection1.toArray();
        assertThat(array1.length, is(3));
        assertThat(array1[0], is(instanceOf(CcmObject.class)));
        assertThat(array1[1], is(instanceOf(CcmObject.class)));
        assertThat(array1[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array1[0]).getDisplayName(),
                   is(equalTo("object1")));
        assertThat(((CcmObject) array1[1]).getDisplayName(),
                   is(equalTo("object2")));
        assertThat(((CcmObject) array1[2]).getDisplayName(),
                   is(equalTo("object3")));
        final Object[] array2 = collection2.toArray();
        assertThat(array2.length, is(3));
        assertThat(array2[0], is(instanceOf(CcmObject.class)));
        assertThat(array2[1], is(instanceOf(CcmObject.class)));
        assertThat(array2[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array2[0]).getDisplayName(),
                   is(equalTo("object1")));
        assertThat(((CcmObject) array2[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array2[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        final Object[] array3 = collection3.toArray();
        assertThat(array3.length, is(3));
        assertThat(array3[0], is(instanceOf(CcmObject.class)));
        assertThat(array3[1], is(instanceOf(CcmObject.class)));
        assertThat(array3[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array3[0]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array3[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array3[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(300)
    public void checkToArrayPublicUser() {
        final Object[] array1 = collection1.toArray();
        assertThat(array1.length, is(3));
        assertThat(array1[0], is(instanceOf(CcmObject.class)));
        assertThat(array1[1], is(instanceOf(CcmObject.class)));
        assertThat(array1[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array1[0]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array1[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array1[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        final Object[] array2 = collection2.toArray();
        assertThat(array2.length, is(3));
        assertThat(array2[0], is(instanceOf(CcmObject.class)));
        assertThat(array2[1], is(instanceOf(CcmObject.class)));
        assertThat(array2[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array2[0]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array2[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array2[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        final Object[] array3 = collection3.toArray();
        assertThat(array3.length, is(3));
        assertThat(array3[0], is(instanceOf(CcmObject.class)));
        assertThat(array3[1], is(instanceOf(CcmObject.class)));
        assertThat(array3[2], is(instanceOf(CcmObject.class)));
        assertThat(((CcmObject) array3[0]).getDisplayName(),
                   is(equalTo("object1")));
        assertThat(((CcmObject) array3[1]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
        assertThat(((CcmObject) array3[2]).getDisplayName(),
                   is(equalTo(ACCESS_DENIED)));
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(400)
    public void checkToArraySystemUser() {
        shiro.getSystemUser().execute(new Callable<Boolean>() {
            @Override
            public Boolean call() throws Exception {
                final Object[] array1 = collection1.toArray();
                assertThat(array1.length, is(3));
                assertThat(array1[0], is(instanceOf(CcmObject.class)));
                assertThat(array1[1], is(instanceOf(CcmObject.class)));
                assertThat(array1[2], is(instanceOf(CcmObject.class)));
                assertThat(((CcmObject) array1[0]).getDisplayName(),
                           is(equalTo("object1")));
                assertThat(((CcmObject) array1[1]).getDisplayName(),
                           is(equalTo("object2")));
                assertThat(((CcmObject) array1[2]).getDisplayName(),
                           is(equalTo("object3")));
                final Object[] array2 = collection2.toArray();
                assertThat(array2.length, is(3));
                assertThat(array2[0], is(instanceOf(CcmObject.class)));
                assertThat(array2[1], is(instanceOf(CcmObject.class)));
                assertThat(array2[2], is(instanceOf(CcmObject.class)));
                assertThat(((CcmObject) array2[0]).getDisplayName(),
                           is(equalTo("object1")));
                assertThat(((CcmObject) array2[1]).getDisplayName(),
                           is(equalTo("object2")));
                assertThat(((CcmObject) array2[2]).getDisplayName(),
                           is(equalTo("object3")));
                final Object[] array3 = collection3.toArray();
                assertThat(array3.length, is(3));
                assertThat(array3[0], is(instanceOf(CcmObject.class)));
                assertThat(array3[1], is(instanceOf(CcmObject.class)));
                assertThat(array3[2], is(instanceOf(CcmObject.class)));
                assertThat(((CcmObject) array3[0]).getDisplayName(),
                           is(equalTo("object1")));
                assertThat(((CcmObject) array3[1]).getDisplayName(),
                           is(equalTo("object2")));
                assertThat(((CcmObject) array3[2]).getDisplayName(),
                           is(equalTo("object3")));
                return false;
            }
        });
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(500)
    public void checkToArrayTypeSafeJdoe() {
        final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
                                                                      "foo123");
        token.setRememberMe(true);
        subject.login(token);
        CcmObject[] array1 = new CcmObject[3];
        array1 = collection1.toArray(array1);
        assertThat(array1[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array1[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array1[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        CcmObject[] array2 = new CcmObject[3];
        array2 = collection2.toArray(array2);
        assertThat(array2[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array2[1].getDisplayName(), (is(equalTo("object2"))));
        assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        CcmObject[] array3 = new CcmObject[3];
        array3 = collection3.toArray(array3);
        assertThat(array3[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(600)
    public void checkToArrayTypeSafeMmuster() {
        final UsernamePasswordToken token = new UsernamePasswordToken("mmuster",
                                                                      "foo123");
        token.setRememberMe(true);
        subject.login(token);
        CcmObject[] array1 = new CcmObject[3];
        array1 = collection1.toArray(array1);
        assertThat(array1[0].getDisplayName(), (is(equalTo("object1"))));
        assertThat(array1[1].getDisplayName(), (is(equalTo("object2"))));
        assertThat(array1[2].getDisplayName(), (is(equalTo("object3"))));
        CcmObject[] array2 = new CcmObject[3];
        array2 = collection2.toArray(array2);
        assertThat(array2[0].getDisplayName(), (is(equalTo("object1"))));
        assertThat(array2[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        CcmObject[] array3 = new CcmObject[3];
        array3 = collection3.toArray(array3);
        assertThat(array3[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(700)
    public void checkToArrayTypeSafePublicUser() {
        CcmObject[] array1 = new CcmObject[3];
        array1 = collection1.toArray(array1);
        assertThat(array1[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array1[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array1[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        CcmObject[] array2 = new CcmObject[3];
        array2 = collection2.toArray(array2);
        assertThat(array2[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array2[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        CcmObject[] array3 = new CcmObject[3];
        array3 = collection3.toArray(array3);
        assertThat(array3[0].getDisplayName(), (is(equalTo("object1"))));
        assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
        assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(700)
    public void checkToArrayTypeSystemUser() {
        shiro.getSystemUser().execute(new Callable<Boolean>() {
            @Override
            public Boolean call() throws Exception {
                CcmObject[] array1 = new CcmObject[3];
                array1 = collection1.toArray(array1);
                assertThat(array1[0].getDisplayName(),
                           is(equalTo("object1")));
                assertThat(array1[1].getDisplayName(),
                           is(equalTo("object2")));
                assertThat(array1[2].getDisplayName(),
                           is(equalTo("object3")));
                CcmObject[] array2 = new CcmObject[3];
                array2 = collection2.toArray(array2);
                assertThat(array2[0].getDisplayName(),
                           is(equalTo("object1")));
                assertThat(array2[1].getDisplayName(),
                           is(equalTo("object2")));
                assertThat(array2[2].getDisplayName(),
                           is(equalTo("object3")));
                CcmObject[] array3 = new CcmObject[3];
                array3 = collection3.toArray(array3);
                assertThat(array3[0].getDisplayName(),
                           is(equalTo("object1")));
                assertThat(array3[1].getDisplayName(),
                           is(equalTo("object2")));
                assertThat(array3[2].getDisplayName(),
                           is(equalTo("object3")));
                return false;
            }
        });
    }
 }
--- a/ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java
+++ b/ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java
@ -93,7 +93,11 @@ public class SecuredIteratorTest {
    @Inject
    private CcmObjectRepository objectRepository;
-    private List<CcmObject> list;
+    //private List<CcmObject> list;
    private Iterator<CcmObject> iterator1;
    private Iterator<CcmObject> iterator2;
    private Iterator<CcmObject> iterator3;
    public SecuredIteratorTest() {
    }
@ -112,10 +116,20 @@ public class SecuredIteratorTest {
        final CcmObject object2 = objectRepository.findById(-20002L);
        final CcmObject object3 = objectRepository.findById(-20003L);
-        list = new ArrayList<>();
+        final List<CcmObject> list = new ArrayList<>();
        list.add(object1);
        list.add(object2);
        list.add(object3);
        iterator1 = new SecuredIterator<>(list.iterator(),
                                          CcmObject.class,
                                          "privilege1");
        iterator2 = new SecuredIterator<>(list.iterator(),
                                          CcmObject.class,
                                          "privilege2");
        iterator3 = new SecuredIterator<>(list.iterator(),
                                          CcmObject.class,
                                          "privilege3");
    }
    @After
@ -125,10 +139,10 @@ public class SecuredIteratorTest {
    @Deployment
    public static WebArchive createDeployment() {
        final PomEquippedResolveStage pom = Maven
-            .resolver()
+                .resolver()
-            .loadPomFromFile("pom.xml");
+                .loadPomFromFile("pom.xml");
        final PomEquippedResolveStage dependencies = pom.
-            importCompileAndRuntimeDependencies();
+                importCompileAndRuntimeDependencies();
        final File[] libs = dependencies.resolve().withTransitivity().asFile();
        for (File lib : libs) {
@ -137,73 +151,66 @@ public class SecuredIteratorTest {
        }
        return ShrinkWrap
-            .create(WebArchive.class,
+                .create(WebArchive.class,
-                    "LibreCCM-org.libreccm.security.SecuredIteratorTest.war")
+                        "LibreCCM-org.libreccm.security.SecuredIteratorTest.war").
-            .addPackage(User.class.getPackage())
+                addPackage(User.class.getPackage())
-            .addPackage(CcmObject.class.getPackage())
+                .addPackage(CcmObject.class.getPackage())
-            .addPackage(Categorization.class.getPackage())
+                .addPackage(Categorization.class.getPackage())
-            .addPackage(LocalizedString.class.getPackage())
+                .addPackage(LocalizedString.class.getPackage())
-            .addPackage(CcmApplication.class.getPackage())
+                .addPackage(CcmApplication.class.getPackage())
-            .addPackage(EntityManagerProducer.class.getPackage())
+                .addPackage(EntityManagerProducer.class.getPackage())
-            .addPackage(MimeTypeConverter.class.getPackage())
+                .addPackage(MimeTypeConverter.class.getPackage())
-            .addPackage(EqualsVerifier.class.getPackage())
+                .addPackage(EqualsVerifier.class.getPackage())
-            .addPackage(IntegrationTest.class.getPackage())
+                .addPackage(IntegrationTest.class.getPackage())
-            .addPackage(KernelConfig.class.getPackage())
+                .addPackage(KernelConfig.class.getPackage())
-            .addPackage(SecurityConfig.class.getPackage())
+                .addPackage(SecurityConfig.class.getPackage())
-            .addPackage(AbstractConfig.class.getPackage())
+                .addPackage(AbstractConfig.class.getPackage())
-            .addPackage(AbstractParameterContext.class.getPackage())
+                .addPackage(AbstractParameterContext.class.getPackage())
-            .addPackage(UncheckedWrapperException.class.getPackage())
+                .addPackage(UncheckedWrapperException.class.getPackage())
-            .addPackage(CCMApplicationContextListener.class.getPackage())
+                .addPackage(CCMApplicationContextListener.class.getPackage())
-            .addPackage(XML.class.getPackage())
+                .addPackage(XML.class.getPackage())
-            .addPackage(DateTimeFormatter.class.getPackage())
+                .addPackage(DateTimeFormatter.class.getPackage())
-            .addPackage(CdiUtil.class.getPackage())
+                .addPackage(CdiUtil.class.getPackage())
-            .addAsLibraries(libs)
+                .addAsLibraries(libs)
-            .addAsResource("test-persistence.xml",
+                .addAsResource("test-persistence.xml",
-                           "META-INF/persistence.xml")
+                               "META-INF/persistence.xml")
-            .addAsResource("com/arsdigita/kernel/"
+                .addAsResource("com/arsdigita/kernel/"
-                               + "KernelConfig_parameter.properties",
+                                       + "KernelConfig_parameter.properties",
-                           "com/arsdigita/kernel/"
+                               "com/arsdigita/kernel/"
-                               + "KernelConfig_parameter.properties")
+                                       + "KernelConfig_parameter.properties")
-            .addAsResource("com/arsdigita/kernel/security/"
+                .addAsResource("com/arsdigita/kernel/security/"
-                               + "SecurityConfig_parameter.properties",
+                                       + "SecurityConfig_parameter.properties",
-                           "com/arsdigita/kernel/security/"
+                               "com/arsdigita/kernel/security/"
-                               + "SecurityConfig_parameter.properties")
+                                       + "SecurityConfig_parameter.properties")
-            .addAsWebInfResource(
+                .addAsWebInfResource(
-                "configs/org/libreccm/security/UserManagerTest/"
+                        "configs/org/libreccm/security/UserManagerTest/"
-                    + "registry.properties",
+                                + "registry.properties",
-                "conf/registry/registry.properties")
+                        "conf/registry/registry.properties")
-            .addAsResource(
+                .addAsResource(
-                "configs/org/libreccm/security/UserManagerTest/ccm-core.config",
+                        "configs/org/libreccm/security/UserManagerTest/ccm-core.config",
-                "ccm-core.config")
+                        "ccm-core.config")
-            .addAsResource(
+                .addAsResource(
-                "configs/org/libreccm/security/ShiroTest/shiro.ini",
+                        "configs/org/libreccm/security/ShiroTest/shiro.ini",
-                "shiro.ini")
+                        "shiro.ini")
-            .addAsResource(
+                .addAsResource(
-                "configs/org/libreccm/security/ShiroTest/log4j2.xml",
+                        "configs/org/libreccm/security/ShiroTest/log4j2.xml",
-                "log4j2.xml")
+                        "log4j2.xml")
-            .addAsWebInfResource(
+                .addAsWebInfResource(
-                "configs/org/libreccm/security/ShiroTest/"
+                        "configs/org/libreccm/security/ShiroTest/"
-                    + "kernel.properties",
+                                + "kernel.properties",
-                "conf/registry/ccm-core/kernel.properties")
+                        "conf/registry/ccm-core/kernel.properties")
-            .addAsWebInfResource(
+                .addAsWebInfResource(
-                "configs/org/libreccm//security/ShiroTest/"
+                        "configs/org/libreccm//security/ShiroTest/"
-                    + "security.properties",
+                                + "security.properties",
-                "conf/registry/ccm-core/security.properties")
+                        "conf/registry/ccm-core/security.properties")
-            .addAsWebInfResource("test-web.xml", "web.xml")
+                .addAsWebInfResource("test-web.xml", "web.xml")
-            .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
+                .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
    }
    @Test
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(100)
    public void checkSecuredIteratorJdoe() {
        final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege1");
        final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege2");
        final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege3");
        final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
                                                                      "foo123");
        token.setRememberMe(true);
@ -239,13 +246,6 @@ public class SecuredIteratorTest {
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(200)
    public void checkSecuredIteratorMmuster() {
        final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege1");
        final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege2");
        final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege3");
        final UsernamePasswordToken token = new UsernamePasswordToken("mmuster",
                                                                      "foo123");
        token.setRememberMe(true);
@ -280,13 +280,6 @@ public class SecuredIteratorTest {
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(300)
    public void checkSecuredIteratorPublicUser() {
        final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege1");
        final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege2");
        final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege3");
        final List<CcmObject> list1 = new ArrayList<>();
        while (iterator1.hasNext()) {
            list1.add(iterator1.next());
@ -316,13 +309,6 @@ public class SecuredIteratorTest {
    @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
    @InSequence(400)
    public void checkSecuredIteratorSystemUser() {
        final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege1");
        final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege2");
        final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
            list.iterator(), CcmObject.class, "privilege3");
        shiro.getSystemUser().execute(new Callable<Boolean>() {
            @Override