@Test
public void testModifyExistingPolicy() throws Exception {
ACL acl = getApplicablePolicy(testPath);
assertTrue(acl.addAccessControlEntry(testPrincipal, testPrivileges));
AccessControlEntry allowTest = acl.getAccessControlEntries()[0];
acMgr.setPolicy(testPath, acl);
root.commit();
acl = (ACL) acMgr.getPolicies(testPath)[0];
assertTrue(acl.addEntry(EveryonePrincipal.getInstance(), testPrivileges, false, getGlobRestriction("*/something")));
AccessControlEntry[] aces = acl.getAccessControlEntries();
assertEquals(2, aces.length);
AccessControlEntry denyEveryone = aces[1];
assertEquals(EveryonePrincipal.getInstance(), denyEveryone.getPrincipal());
acl.orderBefore(denyEveryone, allowTest);
acMgr.setPolicy(testPath, acl);
root.commit();
acl = (ACL) acMgr.getPolicies(testPath)[0];
aces = acl.getAccessControlEntries();
assertEquals(2, aces.length);
assertEquals(denyEveryone, aces[0]);
assertEquals(allowTest, aces[1]);
Privilege[] readAc = new Privilege[]{acMgr.privilegeFromName(PrivilegeConstants.JCR_READ_ACCESS_CONTROL)};
assertTrue(acl.addEntry(testPrincipal, readAc, false, Collections.<String, Value>emptyMap()));
assertEquals(3, acl.size());
AccessControlEntry denyTest = acl.getAccessControlEntries()[2];
acl.orderBefore(denyTest, allowTest);
acMgr.setPolicy(testPath, acl);
acl = (ACL) acMgr.getPolicies(testPath)[0];