Examples with AccessControlManager javax.jcr.security.AccessControlManager used on opensource projects

Example 11 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit by apache.

the class ConcurrentReadAccessControlledTreeTest method beforeSuite.

@Override
protected void beforeSuite() throws Exception {
    super.beforeSuite();
    ItemVisitor visitor = new TraversingItemVisitor.Default() {

        int counter = 0;

        @Override
        protected void entering(Node node, int level) throws RepositoryException {
            if (++counter == 10) {
                addPolicy(node);
                counter = 0;
            }
            super.entering(node, level);
        }

        private void addPolicy(Node node) throws RepositoryException {
            AccessControlManager acMgr = node.getSession().getAccessControlManager();
            String path = node.getPath();
            AccessControlPolicyIterator acIterator = acMgr.getApplicablePolicies(path);
            if (acIterator.hasNext()) {
                AccessControlPolicy policy = acIterator.nextAccessControlPolicy();
                if (policy instanceof AccessControlList) {
                    AccessControlList acl = (AccessControlList) policy;
                    Privilege[] privileges = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ), acMgr.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL) };
                    if (acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges)) {
                        acMgr.setPolicy(path, acl);
                        node.getSession().save();
                    }
                }
            }
        }
    };
    visitor.visit(testRoot);
    for (int i = 0; i < bgReaders; i++) {
        addBackgroundJob(new RandomRead(loginReader(), false));
    }
}

Example 12 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class AceCreationTest method afterTest.

@Override
protected void afterTest() throws Exception {
    Session session = createOrGetSystemSession();
    AccessControlManager acm = session.getAccessControlManager();
    for (AccessControlPolicy policy : acm.getPolicies(nodePath)) {
        acm.removePolicy(nodePath, policy);
    }
    save(session, transientWrites);
    super.afterTest();
}

Example 13 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class AceCreationTest method createAce.

private void createAce(Session session, int count) throws RepositoryException {
    AccessControlManager acManager = session.getAccessControlManager();
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acManager, nodePath);
    for (int i = 0; i < count; i++) {
        ImmutableMap<String, Value> restrictions = ImmutableMap.of(AccessControlConstants.REP_GLOB, session.getValueFactory().createValue(i + ""));
        acl.addEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acManager, Privilege.JCR_ADD_CHILD_NODES), true, restrictions);
    }
    acManager.setPolicy(nodePath, acl);
}

Example 14 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class CompositeAuthorizationConfigurationTest method testSingleGetAccessControlManager.

@Test
public void testSingleGetAccessControlManager() {
    CompositeAuthorizationConfiguration cc = getCompositeConfiguration(new AuthorizationConfigurationImpl(getSecurityProvider()));
    AccessControlManager accessControlManager = cc.getAccessControlManager(root, NamePathMapper.DEFAULT);
    assertFalse(accessControlManager instanceof CompositeAccessControlManager);
}

Example 15 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit by apache.

the class ACLProvider method initRootACL.

/**
     * Set-up minimal permissions for the workspace:
     *
     * <ul>
     * <li>'adminstrators' principal -> all privileges</li>
     * <li>'everyone' -> read privilege</li>
     * </ul>
     *
     * @param session to the workspace to set-up initial ACL to
     * @param editor for the specified session.
     * @throws RepositoryException If an error occurs.
     */
private static void initRootACL(SessionImpl session, AccessControlEditor editor) throws RepositoryException {
    try {
        log.debug("Install initial ACL:...");
        String rootPath = session.getRootNode().getPath();
        AccessControlPolicy[] acls = editor.editAccessControlPolicies(rootPath);
        if (acls.length > 0) {
            ACLTemplate acl = (ACLTemplate) acls[0];
            PrincipalManager pMgr = session.getPrincipalManager();
            AccessControlManager acMgr = session.getAccessControlManager();
            String pName = SecurityConstants.ADMINISTRATORS_NAME;
            if (pMgr.hasPrincipal(pName)) {
                Principal administrators = pMgr.getPrincipal(pName);
                log.debug("... Privilege.ALL for administrators.");
                Privilege[] privs = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_ALL) };
                acl.addAccessControlEntry(administrators, privs);
            } else {
                log.info("Administrators principal group is missing -> omitting initialization of default permissions.");
            }
            Principal everyone = pMgr.getEveryone();
            log.debug("... Privilege.READ for everyone.");
            Privilege[] privs = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ) };
            acl.addAccessControlEntry(everyone, privs);
            editor.setPolicy(rootPath, acl);
            session.save();
        } else {
            log.info("No applicable ACL available for the root node -> skip initialization of the root node's ACL.");
        }
    } catch (RepositoryException e) {
        log.error("Failed to set-up minimal access control for root node of workspace " + session.getWorkspace().getName());
        session.getRootNode().refresh(false);
    }
}