
Example 16 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.

the class ACLEditorTest method testNodeNotRepAccessControllableAddMixin.

/**
 * Checks what the access control manager reports for {@code testPath} once the
 * {@code rep:AccessControllable} mixin has been added to the node directly.
 *
 * <p>After the mixin is saved, the test expects exactly one policy to be bound at the
 * path and no policy to remain applicable. The state of the node before the mixin is
 * added is set up outside this method (the name suggests it did not carry the mixin).
 *
 * <p>NOTE(review): the single policy is reported without any entry having been written
 * here, so a bound policy at a path is not evidence that access has been granted or
 * denied there; presumably it is an empty ACL. Confirm against the editor under test.
 */
public void testNodeNotRepAccessControllableAddMixin() throws RepositoryException, LockException, ConstraintViolationException, NoSuchNodeTypeException, ItemExistsException, VersionException {
    // Mark the node as access controllable by hand and persist the change.
    superuser.getNode(testPath).addMixin("rep:AccessControllable");
    superuser.save();

    // The mixin alone is enough for one policy to be reported as bound.
    AccessControlPolicy[] boundPolicies = acMgr.getPolicies(testPath);
    assertNotNull(boundPolicies);
    assertEquals(1, boundPolicies.length);

    // Nothing further can be applied at this path.
    AccessControlPolicyIterator applicablePolicies = acMgr.getApplicablePolicies(testPath);
    assertNotNull(applicablePolicies);
    assertEquals(0, applicablePolicies.getSize());
}
Also used : AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator)

Example 17 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.

the class AccessControlAction method setAC.

/**
 * Adds an access control entry for the principal of {@code authorizable} at the
 * authorizable's own path, using the privilege names configured for groups or users.
 *
 * <p>No entry is written when:
 * <ul>
 *   <li>no privilege names are configured for the kind of authorizable (group or user),</li>
 *   <li>the authorizable is a user for which {@code isBuiltInUser} returns true, or</li>
 *   <li>the principal name is contained in {@code administrativePrincipals}.</li>
 * </ul>
 *
 * <p>NOTE(review): if none of the applicable policies at the path is a
 * {@link JackrabbitAccessControlList}, the method only logs a warning and returns
 * normally, so the caller cannot tell that the configured privileges were not granted.
 * No commit of {@code root} is visible here; presumably the caller persists the change.
 *
 * @param authorizable the user or group whose principal receives the entry
 * @param root the root used to obtain the access control manager
 * @param namePathMapper the mapper passed to the access control manager
 * @throws IllegalStateException if {@code securityProvider} has not been set
 * @throws RepositoryException if a repository operation fails
 */
private void setAC(@Nonnull Authorizable authorizable, @Nonnull Root root, @Nonnull NamePathMapper namePathMapper) throws RepositoryException {
    if (securityProvider == null) {
        throw new IllegalStateException("Not initialized");
    }

    // Skip authorizables that have nothing configured or must not get an automatic entry.
    if (authorizable.isGroup()) {
        if (groupPrivilegeNames.length == 0) {
            log.debug("No privileges configured for groups; omit ac setup.");
            return;
        }
    } else if (userPrivilegeNames.length == 0) {
        log.debug("No privileges configured for users; omit ac setup.");
        return;
    } else if (isBuiltInUser(authorizable)) {
        log.debug("System user: " + authorizable.getID() + "; omit ac setup.");
        return;
    }

    Principal principal = authorizable.getPrincipal();
    if (administrativePrincipals.contains(principal.getName())) {
        log.debug("Administrative principal: " + principal.getName() + "; omit ac setup.");
        return;
    }

    String path = authorizable.getPath();
    AuthorizationConfiguration authorizationConfig = securityProvider.getConfiguration(AuthorizationConfiguration.class);
    AccessControlManager accessControlManager = authorizationConfig.getAccessControlManager(root, namePathMapper);

    // Take the first applicable policy that is an editable Jackrabbit ACL.
    JackrabbitAccessControlList targetAcl = null;
    AccessControlPolicyIterator applicable = accessControlManager.getApplicablePolicies(path);
    while (targetAcl == null && applicable.hasNext()) {
        AccessControlPolicy candidate = applicable.nextAccessControlPolicy();
        if (candidate instanceof JackrabbitAccessControlList) {
            targetAcl = (JackrabbitAccessControlList) candidate;
        }
    }

    if (targetAcl == null) {
        log.warn("Cannot process AccessControlAction: no applicable ACL at " + path);
        return;
    }

    // Set up the ACL according to configuration; write it back only if the entry changed it.
    String[] privilegeNames = authorizable.isGroup() ? groupPrivilegeNames : userPrivilegeNames;
    if (targetAcl.addAccessControlEntry(principal, getPrivileges(privilegeNames, accessControlManager))) {
        accessControlManager.setPolicy(path, targetAcl);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Principal(java.security.Principal)

Example 18 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testTestSessionGetEffectivePoliciesByPrincipal.

/**
 * Checks that the test session's access control manager returns two effective policies
 * for {@code testPrincipal} after a policy has been set up at {@code testPath} and at a
 * newly added child node.
 *
 * <p>The privileges passed to {@code setupPolicy} include
 * {@code jcr:readAccessControl} in addition to {@code jcr:read}.
 * NOTE(review): {@code setupPolicy} is defined elsewhere; presumably it grants these
 * privileges to the test principal, which is what lets the test session read the
 * policies at all. Confirm against the helper.
 */
@Test
public void testTestSessionGetEffectivePoliciesByPrincipal() throws Exception {
    // Create a child below the test node so that two distinct paths carry a policy.
    String childPath = new NodeUtil(root.getTree(testPath))
            .addChild("child", JcrConstants.NT_UNSTRUCTURED)
            .getTree()
            .getPath();

    Privilege[] readAndReadAc = privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL);
    setupPolicy(testPath, readAndReadAc);
    setupPolicy(childPath, readAndReadAc);
    root.commit();

    // Bring the test session's root up to date before querying through it.
    getTestRoot().refresh();

    JackrabbitAccessControlManager testSessionAcMgr = getTestAccessControlManager();
    AccessControlPolicy[] effectivePolicies = testSessionAcMgr.getEffectivePolicies(Collections.singleton(testPrincipal));
    assertNotNull(effectivePolicies);
    assertEquals(2, effectivePolicies.length);
}
Also used : JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) Root(org.apache.jackrabbit.oak.api.Root) Privilege(javax.jcr.security.Privilege) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 19 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testSetRepoPolicy.

/**
 * Checks that a policy set with a {@code null} path is persisted and can be read back
 * unchanged through a fresh root.
 *
 * <p>The entry added here grants {@code jcr:namespaceManagement} to
 * {@code testPrincipal}. In the Jackrabbit API a {@code null} path addresses
 * repository-level access control rather than a node.
 */
@Test
public void testSetRepoPolicy() throws Exception {
    ACL repoAcl = getApplicablePolicy(null);
    repoAcl.addAccessControlEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT));
    acMgr.setPolicy(null, repoAcl);
    root.commit();

    // Read back through the latest root so the check covers what was actually committed.
    Root latestRoot = adminSession.getLatestRoot();
    AccessControlPolicy[] persisted = getAccessControlManager(latestRoot).getPolicies((String) null);
    assertEquals(1, persisted.length);

    ACL persistedAcl = (ACL) persisted[0];
    assertArrayEquals(repoAcl.getAccessControlEntries(), persistedAcl.getAccessControlEntries());
}
Also used : JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) Root(org.apache.jackrabbit.oak.api.Root) TestACL(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 20 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testSetPolicy.

//-----------------------------< setPolicy(String, AccessControlPolicy) >---
/**
 * Checks that a policy set at {@code testPath} is persisted and can be read back with
 * the same entries through a fresh root.
 *
 * <p>Two entries are written: one for {@code testPrincipal} with {@code testPrivileges},
 * and one for the everyone principal that passes {@code false} as the allow flag
 * together with a glob restriction built from {@code "*&#47;something"}.
 * NOTE(review): {@code getGlobRestriction} is defined elsewhere; the exact restriction
 * it builds is not visible here.
 */
@Test
public void testSetPolicy() throws Exception {
    ACL nodeAcl = getApplicablePolicy(testPath);
    nodeAcl.addAccessControlEntry(testPrincipal, testPrivileges);
    // Restricted non-allow entry for everyone, so the round trip covers restrictions too.
    nodeAcl.addEntry(EveryonePrincipal.getInstance(), testPrivileges, false, getGlobRestriction("*/something"));
    acMgr.setPolicy(testPath, nodeAcl);
    root.commit();

    // Read back through the latest root so the check covers what was actually committed.
    Root latestRoot = adminSession.getLatestRoot();
    AccessControlPolicy[] persisted = getAccessControlManager(latestRoot).getPolicies(testPath);
    assertEquals(1, persisted.length);

    ACL persistedAcl = (ACL) persisted[0];
    assertArrayEquals(nodeAcl.getAccessControlEntries(), persistedAcl.getAccessControlEntries());
}
Also used : JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) Root(org.apache.jackrabbit.oak.api.Root) TestACL(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)
