Examples with AccessControlPolicy javax.jcr.security.AccessControlPolicy used on opensource projects
Example 11 with AccessControlPolicy
use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.
the class AccessControlImporterTest method testImportWithDefaultImporter.
/**
* With the default importer that isn't able to deal with ACEs the
* policy will be created but any ACEs will be ignored.
*
* @throws Exception
*/
public void testImportWithDefaultImporter() throws Exception {
NodeImpl target = (NodeImpl) testRootNode;
try {
InputStream in = new ByteArrayInputStream(XML_POLICY_TREE.getBytes("UTF-8"));
SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, null);
ImportHandler ih = new ImportHandler(importer, sImpl);
new ParsingContentHandler(ih).parse(in);
assertTrue(target.hasNode("test"));
String path = target.getNode("test").getPath();
AccessControlManager acMgr = sImpl.getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(path);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof JackrabbitAccessControlList);
AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
assertEquals(0, entries.length);
} finally {
superuser.refresh(false);
}
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ParsingContentHandler(org.apache.jackrabbit.commons.xml.ParsingContentHandler)
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Example 12 with AccessControlPolicy
use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.
the class ConcurrentReadSinglePolicyTreeTest method visitingNode.
@Override
protected void visitingNode(Node node, int i) throws RepositoryException {
super.visitingNode(node, i);
String path = node.getPath();
AccessControlManager acMgr = node.getSession().getAccessControlManager();
if (testRoot.getPath().equals(path)) {
JackrabbitAccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, path);
if (policy != null) {
policy.addEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_READ), true);
}
acMgr.setPolicy(path, policy);
} else if (!path.contains("rep:policy")) {
for (AccessControlPolicy policy : acMgr.getPolicies(path)) {
if (policy instanceof JackrabbitAccessControlList) {
acMgr.removePolicy(path, policy);
}
}
}
node.getSession().save();
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)
Example 13 with AccessControlPolicy
use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.
the class ReadPolicyTest method testGetEffectivePolicies.
@Test
public void testGetEffectivePolicies() throws Exception {
for (String path : readPaths) {
AccessControlPolicy[] policies = getAccessControlManager(root).getEffectivePolicies(path);
assertTrue(policies.length > 0);
boolean found = false;
for (AccessControlPolicy policy : policies) {
if ("org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl$ReadPolicy".equals(policy.getClass().getName())) {
found = true;
break;
}
}
assertTrue(found);
}
}
Also used :
NamedAccessControlPolicy(javax.jcr.security.NamedAccessControlPolicy)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 14 with AccessControlPolicy
use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.
the class ReadPolicyTest method testGetPolicies.
@Test
public void testGetPolicies() throws Exception {
for (String path : readPaths) {
AccessControlPolicy[] policies = getAccessControlManager(root).getPolicies(path);
assertTrue(policies.length > 0);
boolean found = false;
for (AccessControlPolicy policy : policies) {
if ("org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl$ReadPolicy".equals(policy.getClass().getName())) {
found = true;
break;
}
}
assertTrue(found);
}
}
Also used :
NamedAccessControlPolicy(javax.jcr.security.NamedAccessControlPolicy)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 15 with AccessControlPolicy
use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.
the class AcReadWriteTest method testSetNewPolicy.
/**
* Test if a new applicable policy can be applied within a individual
* subtree where AC-modification is allowed.
*
* @throws RepositoryException
* @throws NotExecutableException
* @see <a href="https://issues.apache.org/jira/browse/JCR-2869">JCR-2869</a>
*/
public void testSetNewPolicy() throws RepositoryException, NotExecutableException {
/* precondition:
testuser must have READ-only permission on test-node and below
*/
checkReadOnly(path);
/* grant 'testUser' rep:write, rep:readAccessControl and
rep:modifyAccessControl privileges at 'path' */
Privilege[] privileges = privilegesFromNames(new String[] { PrivilegeRegistry.REP_WRITE, Privilege.JCR_READ_ACCESS_CONTROL, Privilege.JCR_MODIFY_ACCESS_CONTROL });
JackrabbitAccessControlList tmpl = givePrivileges(path, privileges, getRestrictions(superuser, path));
AccessControlManager testAcMgr = getTestACManager();
/*
testuser must be allowed to set a new policy at a child node.
*/
AccessControlPolicyIterator it = testAcMgr.getApplicablePolicies(childNPath);
while (it.hasNext()) {
AccessControlPolicy plc = it.nextAccessControlPolicy();
testAcMgr.setPolicy(childNPath, plc);
testAcMgr.removePolicy(childNPath, plc);
}
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator)
Privilege(javax.jcr.security.Privilege)
JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)
Aggregations
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)182
Test (org.junit.Test)67
JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)66
AccessControlManager (javax.jcr.security.AccessControlManager)62
AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)52
JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)52
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)49
AccessControlEntry (javax.jcr.security.AccessControlEntry)40
AccessControlList (javax.jcr.security.AccessControlList)32
JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)32
NamedAccessControlPolicy (javax.jcr.security.NamedAccessControlPolicy)28
Privilege (javax.jcr.security.Privilege)28
Principal (java.security.Principal)24
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)23
NodeImpl (org.apache.jackrabbit.core.NodeImpl)18
TestACL (org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL)18
Node (javax.jcr.Node)17
JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)17
Root (org.apache.jackrabbit.oak.api.Root)14
NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)14
