Example 26 with UsernamePasswordCredentials
use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.
the class ModifyAceTest method testMergeAceForUser.
/**
* Test for SLING-997, preserve privileges that were not posted with the modifyAce
* request.
*/
@Test
public void testMergeAceForUser() throws IOException, JsonException {
testUserId = H.createTestUser();
testFolderUrl = H.createTestFolder();
String postUrl = testFolderUrl + ".modifyAce.html";
//1. create an initial set of privileges
List<NameValuePair> postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testUserId));
postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
postParams.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
postParams.add(new NameValuePair("privilege@jcr:addChildNodes", "granted"));
postParams.add(new NameValuePair("privilege@jcr:modifyAccessControl", "denied"));
postParams.add(new NameValuePair("privilege@jcr:removeChildNodes", "denied"));
Credentials creds = new UsernamePasswordCredentials("admin", "admin");
H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
//fetch the JSON for the acl to verify the settings.
String getUrl = testFolderUrl + ".acl.json";
String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
assertNotNull(json);
JsonObject jsonObject = JsonUtil.parseObject(json);
assertEquals(1, jsonObject.size());
JsonObject aceObject = jsonObject.getJsonObject(testUserId);
assertNotNull(aceObject);
String principalString = aceObject.getString("principal");
assertEquals(testUserId, principalString);
int order = aceObject.getInt("order");
assertEquals(0, order);
JsonArray grantedArray = aceObject.getJsonArray("granted");
assertNotNull(grantedArray);
assertEquals(3, grantedArray.size());
Set<String> grantedPrivilegeNames = new HashSet<String>();
for (int i = 0; i < grantedArray.size(); i++) {
grantedPrivilegeNames.add(grantedArray.getString(i));
}
H.assertPrivilege(grantedPrivilegeNames, true, "jcr:read");
H.assertPrivilege(grantedPrivilegeNames, true, "jcr:readAccessControl");
H.assertPrivilege(grantedPrivilegeNames, true, "jcr:addChildNodes");
JsonArray deniedArray = aceObject.getJsonArray("denied");
assertNotNull(deniedArray);
assertEquals(2, deniedArray.size());
Set<String> deniedPrivilegeNames = new HashSet<String>();
for (int i = 0; i < deniedArray.size(); i++) {
deniedPrivilegeNames.add(deniedArray.getString(i));
}
H.assertPrivilege(deniedPrivilegeNames, true, "jcr:modifyAccessControl");
H.assertPrivilege(deniedPrivilegeNames, true, "jcr:removeChildNodes");
//2. post a new set of privileges to merge with the existing privileges
List<NameValuePair> postParams2 = new ArrayList<NameValuePair>();
postParams2.add(new NameValuePair("principalId", testUserId));
//jcr:read and jcr:addChildNodes are not posted, so they should remain in the granted ACE
//clear the existing privilege
postParams2.add(new NameValuePair("privilege@jcr:readAccessControl", "none"));
//add a new privilege
postParams2.add(new NameValuePair("privilege@jcr:modifyProperties", "granted"));
//jcr:modifyAccessControl is not posted, so it should remain in the denied ACE
//deny the modifyAccessControl privilege
postParams2.add(new NameValuePair("privilege@jcr:modifyAccessControl", "denied"));
//clear the existing privilege
postParams2.add(new NameValuePair("privilege@jcr:removeChildNodes", "none"));
//deny a new privilege
postParams2.add(new NameValuePair("privilege@jcr:removeNode", "denied"));
H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams2, null);
//fetch the JSON for the acl to verify the settings.
String json2 = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
assertNotNull(json2);
JsonObject jsonObject2 = JsonUtil.parseObject(json2);
assertEquals(1, jsonObject2.size());
JsonObject aceObject2 = jsonObject2.getJsonObject(testUserId);
assertNotNull(aceObject2);
String principalString2 = aceObject2.getString("principal");
assertEquals(testUserId, principalString2);
JsonArray grantedArray2 = aceObject2.getJsonArray("granted");
assertNotNull(grantedArray2);
assertEquals(3, grantedArray2.size());
Set<String> grantedPrivilegeNames2 = new HashSet<String>();
for (int i = 0; i < grantedArray2.size(); i++) {
grantedPrivilegeNames2.add(grantedArray2.getString(i));
}
H.assertPrivilege(grantedPrivilegeNames2, true, "jcr:read");
H.assertPrivilege(grantedPrivilegeNames2, true, "jcr:addChildNodes");
H.assertPrivilege(grantedPrivilegeNames2, true, "jcr:modifyProperties");
JsonArray deniedArray2 = aceObject2.getJsonArray("denied");
assertNotNull(deniedArray2);
assertEquals(2, deniedArray2.size());
Set<String> deniedPrivilegeNames2 = new HashSet<String>();
for (int i = 0; i < deniedArray2.size(); i++) {
deniedPrivilegeNames2.add(deniedArray2.getString(i));
}
H.assertPrivilege(deniedPrivilegeNames2, true, "jcr:modifyAccessControl");
H.assertPrivilege(deniedPrivilegeNames2, true, "jcr:removeNode");
}
Also used :
JsonArray(javax.json.JsonArray)
NameValuePair(org.apache.commons.httpclient.NameValuePair)
ArrayList(java.util.ArrayList)
JsonObject(javax.json.JsonObject)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Credentials(org.apache.commons.httpclient.Credentials)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
HashSet(java.util.HashSet)
HttpTest(org.apache.sling.commons.testing.integration.HttpTest)
Test(org.junit.Test)
Example 27 with UsernamePasswordCredentials
use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.
the class AccessPrivilegesInfoTest method testGrantedWriteForGroup.
/*
* group testuser granted read / granted write
*/
@Test
public void testGrantedWriteForGroup() throws IOException, JsonException {
testGroupId = H.createTestGroup();
testUserId = H.createTestUser();
testFolderUrl = H.createTestFolder();
Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");
//add testUserId to testGroup
String groupPostUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".update.html";
List<NameValuePair> groupPostParams = new ArrayList<NameValuePair>();
groupPostParams.add(new NameValuePair(":member", testUserId));
H.assertAuthenticatedPostStatus(adminCreds, groupPostUrl, HttpServletResponse.SC_OK, groupPostParams, null);
//assign some privileges
String postUrl = testFolderUrl + ".modifyAce.html";
List<NameValuePair> postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testGroupId));
postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
postParams.add(new NameValuePair("privilege@jcr:write", "granted"));
postParams.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
postParams.add(new NameValuePair("privilege@jcr:modifyAccessControl", "granted"));
H.assertAuthenticatedPostStatus(adminCreds, postUrl, HttpServletResponse.SC_OK, postParams, null);
String getUrl = testFolderUrl + ".privileges-info.json";
//fetch the JSON for the test page to verify the settings.
Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");
String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
assertNotNull(json);
JsonObject jsonObj = JsonUtil.parseObject(json);
assertEquals(true, jsonObj.getBoolean("canAddChildren"));
assertEquals(true, jsonObj.getBoolean("canDeleteChildren"));
//the parent node must also have jcr:removeChildren granted for 'canDelete' to be true
assertEquals(false, jsonObj.getBoolean("canDelete"));
assertEquals(true, jsonObj.getBoolean("canModifyProperties"));
assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
assertEquals(true, jsonObj.getBoolean("canModifyAccessControl"));
//add a child node to verify the 'canDelete' use case
String childFolderUrl = H.getTestClient().createNode(testFolderUrl + "/testFolder" + random.nextInt() + SlingPostConstants.DEFAULT_CREATE_SUFFIX, null);
String childPostUrl = childFolderUrl + ".modifyAce.html";
postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("principalId", testGroupId));
postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
postParams.add(new NameValuePair("privilege@jcr:removeNode", "granted"));
H.assertAuthenticatedPostStatus(adminCreds, childPostUrl, HttpServletResponse.SC_OK, postParams, null);
String childGetUrl = childFolderUrl + ".privileges-info.json";
String childJson = H.getAuthenticatedContent(testUserCreds, childGetUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
assertNotNull(childJson);
JsonObject childJsonObj = JsonUtil.parseObject(childJson);
assertEquals(true, childJsonObj.getBoolean("canDelete"));
}
Also used :
NameValuePair(org.apache.commons.httpclient.NameValuePair)
ArrayList(java.util.ArrayList)
JsonObject(javax.json.JsonObject)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Credentials(org.apache.commons.httpclient.Credentials)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
HttpTest(org.apache.sling.commons.testing.integration.HttpTest)
Test(org.junit.Test)
Example 28 with UsernamePasswordCredentials
use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.
the class AuthenticatedTestUtil method createTestUser.
public String createTestUser() throws IOException {
String postUrl = HTTP_BASE_URL + "/system/userManager/user.create.html";
String testUserId = "testUser" + getNextInt();
List<NameValuePair> postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair(":name", testUserId));
postParams.add(new NameValuePair("pwd", "testPwd"));
postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
Credentials creds = new UsernamePasswordCredentials("admin", "admin");
final String msg = "Unexpected status while attempting to create test user at " + postUrl;
assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, msg);
final String sessionInfoUrl = HTTP_BASE_URL + "/system/sling/info.sessionInfo.json";
assertAuthenticatedHttpStatus(creds, sessionInfoUrl, HttpServletResponse.SC_OK, "session info failed for user " + testUserId);
return testUserId;
}
Also used :
NameValuePair(org.apache.commons.httpclient.NameValuePair)
ArrayList(java.util.ArrayList)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Credentials(org.apache.commons.httpclient.Credentials)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Example 29 with UsernamePasswordCredentials
use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.
the class AbstractBundlePostMojo method getHttpClient.
/**
* Get the http client
*/
protected HttpClient getHttpClient() {
final HttpClient client = new HttpClient();
client.getHttpConnectionManager().getParams().setConnectionTimeout(5000);
// authentication stuff
client.getParams().setAuthenticationPreemptive(true);
Credentials defaultcreds = new UsernamePasswordCredentials(user, password);
client.getState().setCredentials(AuthScope.ANY, defaultcreds);
return client;
}
Also used :
HttpClient(org.apache.commons.httpclient.HttpClient)
Credentials(org.apache.commons.httpclient.Credentials)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Example 30 with UsernamePasswordCredentials
use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.
the class PostServletPrivilegesUpdateTest method testUpdatePropertyPrivilegesAndEvents.
/**
* Test for SLING-897 fix:
* 1. Updating a property requires jcr:modifyProperties privilege on node.
* 2. When changing an existing property observers should receive a PROPERTY_CHANGED event instead
* of a PROPERTY_REMOVED event and a PROPERTY_ADDED event
*/
@Test
// TODO fails on jackrabbit 2.6.5 and on Oak
@Ignore
public void testUpdatePropertyPrivilegesAndEvents() throws IOException, JsonException, RepositoryException, InterruptedException {
//1. Create user as admin (OK)
// curl -F:name=myuser -Fpwd=password -FpwdConfirm=password http://admin:admin@localhost:8080/system/userManager/user.create.html
testUserId = H.createTestUser();
//2. Create node as admin (OK)
// curl -F:nameHint=node -FpropOne=propOneValue1 -FpropOne=propOneValue2 -FpropTwo=propTwoValue http://admin:admin@localhost:8080/test/
final String createTestNodeUrl = postUrl + SlingPostConstants.DEFAULT_CREATE_SUFFIX;
NameValuePairList clientNodeProperties = new NameValuePairList();
clientNodeProperties.add(SlingPostConstants.RP_NODE_NAME_HINT, testName.getMethodName());
clientNodeProperties.add("propOne", "propOneValue1");
clientNodeProperties.add("propOne", "propOneValue2");
clientNodeProperties.add("propTwo", "propTwoValue");
String testNodeUrl = H.getTestClient().createNode(createTestNodeUrl, clientNodeProperties, null, false);
String content = H.getContent(testNodeUrl + ".json", HttpTest.CONTENT_TYPE_JSON);
JsonObject json = JsonUtil.parseObject(content);
Object propOneObj = json.get("propOne");
assertTrue(propOneObj instanceof JsonArray);
assertEquals(2, ((JsonArray) propOneObj).size());
assertEquals("propOneValue1", ((JsonArray) propOneObj).getString(0));
assertEquals("propOneValue2", ((JsonArray) propOneObj).getString(1));
Object propTwoObj = json.get("propTwo");
assertTrue(propTwoObj instanceof JsonString);
assertEquals("propTwoValue", ((JsonString) propTwoObj).getString());
//3. Attempt to update property of node as testUser (500: javax.jcr.AccessDeniedException: /test/node/propOne: not allowed to add or modify item)
// curl -FpropOne=propOneValueChanged -FpropTwo=propTwoValueChanged1 -FpropTwo=propTwoValueChanged2 http://myuser:password@localhost:8080/test/node
List<NameValuePair> postParams = new ArrayList<NameValuePair>();
postParams.add(new NameValuePair("propOne", "propOneValueChanged"));
postParams.add(new NameValuePair("propTwo", "propTwoValueChanged1"));
postParams.add(new NameValuePair("propTwo", "propTwoValueChanged2"));
Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");
String expectedMessage = "Expected javax.jcr.AccessDeniedException";
H.assertAuthenticatedPostStatus(testUserCreds, testNodeUrl, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, expectedMessage);
//4. Grant jcr:modifyProperties rights to testUser as admin (OK)
// curl -FprincipalId=myuser -Fprivilege@jcr:modifyProperties=granted http://admin:admin@localhost:8080/test/node.modifyAce.html
Map<String, String> nodeAceProperties = new HashMap<String, String>();
nodeAceProperties.put("principalId", testUserId);
nodeAceProperties.put("privilege@jcr:modifyProperties", "granted");
H.getTestClient().createNode(testNodeUrl + ".modifyAce.html", nodeAceProperties);
//use a davex session to verify the correct JCR events are delivered
Repository repository = JcrUtils.getRepository(HttpTest.HTTP_BASE_URL + "/server/");
Session jcrSession = null;
TestEventListener listener = new TestEventListener();
ObservationManager observationManager = null;
try {
jcrSession = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
observationManager = jcrSession.getWorkspace().getObservationManager();
String testNodePath = testNodeUrl.substring(HttpTest.HTTP_BASE_URL.length());
observationManager.addEventListener(listener, //event types
Event.PROPERTY_ADDED | Event.PROPERTY_CHANGED | Event.PROPERTY_REMOVED, //absPath
testNodePath, //isDeep
true, //uuid
null, //nodeTypeName
null, //noLocal
false);
//5. Attempt to update properties of node (OK)
// curl -FpropOne=propOneValueChanged -FpropTwo=propTwoValueChanged1 -FpropTwo=propTwoValueChanged2 http://myuser:password@localhost:8080/test/node
H.assertAuthenticatedPostStatus(testUserCreds, testNodeUrl, HttpServletResponse.SC_OK, postParams, expectedMessage);
//verify the change happened
String afterUpdateContent = H.getContent(testNodeUrl + ".json", HttpTest.CONTENT_TYPE_JSON);
JsonObject afterUpdateJson = JsonUtil.parseObject(afterUpdateContent);
Object afterUpdatePropOneObj = afterUpdateJson.get("propOne");
assertTrue(afterUpdatePropOneObj instanceof JsonArray);
assertEquals(1, ((JsonArray) afterUpdatePropOneObj).size());
assertEquals("propOneValueChanged", ((JsonArray) afterUpdatePropOneObj).getString(0));
Object afterUpdatePropTwoObj = afterUpdateJson.get("propTwo");
assertTrue(afterUpdatePropTwoObj instanceof JsonArray);
assertEquals(2, ((JsonArray) afterUpdatePropTwoObj).size());
assertEquals("propTwoValueChanged1", ((JsonArray) afterUpdatePropTwoObj).getString(0));
assertEquals("propTwoValueChanged2", ((JsonArray) afterUpdatePropTwoObj).getString(1));
//wait for the expected JCR events to be delivered
for (int second = 0; second < 15; second++) {
if (listener.getEventBundlesProcessed() > 0) {
break;
}
Thread.sleep(1000);
}
assertEquals("One property added event was expected: " + listener.toString(), 1, listener.addedProperties.size());
assertEquals(testNodePath + "/propTwo", listener.addedProperties.get(0));
assertEquals("One property removed event was expected: " + listener.toString(), 1, listener.removedProperties.size());
assertEquals(testNodePath + "/propTwo", listener.removedProperties.get(0));
assertEquals("One property changed event was expected: " + listener.toString(), 1, listener.changedProperties.size());
assertEquals(testNodePath + "/propOne", listener.changedProperties.get(0));
} finally {
//cleanup
if (observationManager != null) {
observationManager.removeEventListener(listener);
}
jcrSession.logout();
repository = null;
}
}
Also used :
NameValuePair(org.apache.commons.httpclient.NameValuePair)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
JsonObject(javax.json.JsonObject)
ObservationManager(javax.jcr.observation.ObservationManager)
JsonString(javax.json.JsonString)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
JsonArray(javax.json.JsonArray)
SimpleCredentials(javax.jcr.SimpleCredentials)
Repository(javax.jcr.Repository)
JsonObject(javax.json.JsonObject)
NameValuePairList(org.apache.sling.commons.testing.integration.NameValuePairList)
JsonString(javax.json.JsonString)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Credentials(org.apache.commons.httpclient.Credentials)
SimpleCredentials(javax.jcr.SimpleCredentials)
Session(javax.jcr.Session)
Ignore(org.junit.Ignore)
HttpTest(org.apache.sling.commons.testing.integration.HttpTest)
Test(org.junit.Test)
Aggregations
UsernamePasswordCredentials (org.apache.commons.httpclient.UsernamePasswordCredentials)113
Credentials (org.apache.commons.httpclient.Credentials)97
ArrayList (java.util.ArrayList)65
NameValuePair (org.apache.commons.httpclient.NameValuePair)61
JsonObject (javax.json.JsonObject)52
HttpTest (org.apache.sling.commons.testing.integration.HttpTest)51
Test (org.junit.Test)51
JsonArray (javax.json.JsonArray)19
HttpClient (org.apache.commons.httpclient.HttpClient)19
AuthScope (org.apache.commons.httpclient.auth.AuthScope)17
HashSet (java.util.HashSet)14
GetMethod (org.apache.commons.httpclient.methods.GetMethod)14
HttpException (org.apache.commons.httpclient.HttpException)9
IOException (java.io.IOException)8
HttpMethod (org.apache.commons.httpclient.HttpMethod)8
HttpState (org.apache.commons.httpclient.HttpState)6
PostMethod (org.apache.commons.httpclient.methods.PostMethod)6
URL (java.net.URL)5
RepositoryException (org.apache.sling.ide.transport.RepositoryException)5
Header (org.apache.commons.httpclient.Header)4
