Search in sources :

Example 26 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project sling by apache.

the class AclUtil method contains.

// visible for testing
static boolean contains(AccessControlEntry[] existingAces, LocalAccessControlEntry newAce) throws RepositoryException {
    for (int i = 0; i < existingAces.length; i++) {
        JackrabbitAccessControlEntry existingEntry = (JackrabbitAccessControlEntry) existingAces[i];
        LOG.debug("Comparing {} with {}", newAce, toString(existingEntry));
        if (newAce.isContainedIn(existingEntry)) {
            return true;
        }
    }
    return false;
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)

Example 27 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class EntryTest method testGetGlob.

public void testGetGlob() throws RepositoryException, NotExecutableException {
    Privilege[] privs = privilegesFromName(Privilege.JCR_ALL);
    JackrabbitAccessControlEntry pe = createEntry(testPrincipal, privs, true);
    assertEquals(restrictions.get(glob), pe.getRestriction(glob));
    assertEquals(PropertyType.STRING, pe.getRestriction(glob).getType());
    Map<String, Value> restr = new HashMap<String, Value>();
    restr.put(nodePath, restrictions.get(nodePath));
    pe = createEntry(testPrincipal, privs, true, restr);
    assertNull(pe.getRestriction(glob));
    restr = new HashMap<String, Value>();
    restr.put(nodePath, restrictions.get(nodePath));
    restr.put(glob, new StringValue(""));
    pe = createEntry(testPrincipal, privs, true, restr);
    assertEquals("", pe.getRestriction(glob).getString());
    restr = new HashMap<String, Value>();
    restr.put(nodePath, restrictions.get(nodePath));
    restr.put(glob, new BooleanValue(true));
    assertEquals(PropertyType.STRING, pe.getRestriction(glob).getType());
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) HashMap(java.util.HashMap) BooleanValue(org.apache.jackrabbit.value.BooleanValue) BooleanValue(org.apache.jackrabbit.value.BooleanValue) Value(javax.jcr.Value) StringValue(org.apache.jackrabbit.value.StringValue) Privilege(javax.jcr.security.Privilege) StringValue(org.apache.jackrabbit.value.StringValue)

Example 28 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class EntryTest method testGetNodePath.

public void testGetNodePath() throws RepositoryException, NotExecutableException {
    Privilege[] privs = privilegesFromName(Privilege.JCR_ALL);
    JackrabbitAccessControlEntry pe = createEntry(testPrincipal, privs, true);
    assertEquals(restrictions.get(nodePath), pe.getRestriction(nodePath));
    assertEquals(PropertyType.PATH, pe.getRestriction(nodePath).getType());
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) Privilege(javax.jcr.security.Privilege)

Example 29 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class EntryTest method testTypeConversion.

public void testTypeConversion() throws RepositoryException, NotExecutableException {
    // ACLTemplate impl tries to convert the property types if the don't
    // match the required ones.
    Privilege[] privs = privilegesFromName(Privilege.JCR_ALL);
    Map<String, Value> restr = new HashMap<String, Value>();
    restr.put(nodePath, new StringValue("/a/b/c/d"));
    JackrabbitAccessControlEntry pe = createEntry(testPrincipal, privs, true, restr);
    assertEquals("/a/b/c/d", pe.getRestriction(nodePath).getString());
    assertEquals(PropertyType.PATH, pe.getRestriction(nodePath).getType());
    restr = new HashMap<String, Value>();
    restr.put(nodePath, restrictions.get(nodePath));
    restr.put(glob, new BooleanValue(true));
    pe = createEntry(testPrincipal, privs, true, restr);
    assertEquals(true, pe.getRestriction(glob).getBoolean());
    assertEquals(PropertyType.STRING, pe.getRestriction(glob).getType());
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) HashMap(java.util.HashMap) BooleanValue(org.apache.jackrabbit.value.BooleanValue) BooleanValue(org.apache.jackrabbit.value.BooleanValue) Value(javax.jcr.Value) StringValue(org.apache.jackrabbit.value.StringValue) Privilege(javax.jcr.security.Privilege) StringValue(org.apache.jackrabbit.value.StringValue)

Example 30 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class AccessControlImporterTest method testImportACLRemoveACE.

/**
     * Imports a resource-based ACL containing a single entry.
     *
     * @throws Exception
     */
public void testImportACLRemoveACE() throws Exception {
    try {
        NodeImpl target = (NodeImpl) testRootNode.addNode(nodeName1);
        target.addMixin("rep:AccessControllable");
        InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_3.getBytes("UTF-8"));
        SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ImportHandler ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        in = new ByteArrayInputStream(XML_POLICY_TREE_5.getBytes("UTF-8"));
        importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        String path = target.getPath();
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(path);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof JackrabbitAccessControlList);
        AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(1, entries.length);
        AccessControlEntry entry = entries[0];
        assertEquals("admin", entry.getPrincipal().getName());
        assertEquals(1, entry.getPrivileges().length);
        assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
        if (entry instanceof JackrabbitAccessControlEntry) {
            assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
        }
    } finally {
        superuser.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NodeImpl(org.apache.jackrabbit.core.NodeImpl) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ParsingContentHandler(org.apache.jackrabbit.commons.xml.ParsingContentHandler) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) ByteArrayInputStream(java.io.ByteArrayInputStream)

Aggregations

JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)48 AccessControlEntry (javax.jcr.security.AccessControlEntry)30 Privilege (javax.jcr.security.Privilege)25 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)19 Principal (java.security.Principal)16 Value (javax.jcr.Value)14 Test (org.junit.Test)12 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)11 AccessControlManager (javax.jcr.security.AccessControlManager)10 ArrayList (java.util.ArrayList)6 HashMap (java.util.HashMap)6 ByteArrayInputStream (java.io.ByteArrayInputStream)5 InputStream (java.io.InputStream)5 RepositoryException (javax.jcr.RepositoryException)5 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)5 ParsingContentHandler (org.apache.jackrabbit.commons.xml.ParsingContentHandler)5 NodeImpl (org.apache.jackrabbit.core.NodeImpl)5 Node (javax.jcr.Node)4 AccessControlException (javax.jcr.security.AccessControlException)4 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)4