Examples with PrincipalManager org.apache.jackrabbit.api.security.principal.PrincipalManager used on opensource projects

Example 1 with PrincipalManager

use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit by apache.

the class WriteTest method testInvalidPrincipal.

public void testInvalidPrincipal() throws Exception {
    PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
    String unknown = "unknown";
    while (pMgr.hasPrincipal(unknown)) {
        unknown = unknown + "_";
    }
    Principal principal = new PrincipalImpl(unknown);
    if (acMgr instanceof JackrabbitAccessControlManager) {
        // first try applicable policies
        try {
            AccessControlPolicy[] policies = ((JackrabbitAccessControlManager) acMgr).getApplicablePolicies(principal);
            assertNotNull(policies);
            assertEquals(0, policies.length);
        } catch (AccessControlException e) {
        // success
        }
        // second existing policies
        try {
            AccessControlPolicy[] policies = ((JackrabbitAccessControlManager) acMgr).getPolicies(principal);
            assertNotNull(policies);
            assertEquals(0, policies.length);
        } catch (AccessControlException e) {
        // success
        }
    } else {
        throw new NotExecutableException();
    }
}

Example 2 with PrincipalManager

use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.

the class GetPrincipalTest method runTest.

@Override
protected void runTest() throws Exception {
    Session s = loginWriter();
    PrincipalManager principalManager = ((JackrabbitSession) s).getPrincipalManager();
    for (int i = 0; i < 1000; i++) {
        Principal p = principalManager.getPrincipal(getUserId());
    }
}

Example 3 with PrincipalManager

use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit by apache.

the class NestedGroupTest method testInheritedMembership.

public void testInheritedMembership() throws NotExecutableException, RepositoryException {
    Group gr1 = null;
    Group gr2 = null;
    Group gr3 = null;
    if (!(superuser instanceof JackrabbitSession)) {
        throw new NotExecutableException();
    }
    try {
        gr1 = createGroup(getTestPrincipal());
        gr2 = createGroup(getTestPrincipal());
        gr3 = createGroup(getTestPrincipal());
        assertTrue(addMember(gr1, gr2));
        assertTrue(addMember(gr2, gr3));
        // NOTE: don't test with Group.isMember for not required to detect
        // inherited membership -> rather with PrincipalManager.
        boolean isMember = false;
        PrincipalManager pmgr = ((JackrabbitSession) superuser).getPrincipalManager();
        for (PrincipalIterator it = pmgr.getGroupMembership(gr3.getPrincipal()); it.hasNext() && !isMember; ) {
            isMember = it.nextPrincipal().equals(gr1.getPrincipal());
        }
        assertTrue(isMember);
    } finally {
        if (gr1 != null && gr1.isMember(gr2)) {
            removeMember(gr1, gr2);
        }
        if (gr2 != null && gr2.isMember(gr3)) {
            removeMember(gr2, gr3);
        }
        if (gr1 != null)
            removeGroup(gr1);
        if (gr2 != null)
            removeGroup(gr2);
        if (gr3 != null)
            removeGroup(gr3);
    }
}

Example 4 with PrincipalManager

use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit by apache.

the class AccessControlImporterTest method testImportPrincipalBasedACL.

/**
     * Imports a principal-based ACL containing a single entry mist fail with
     * the default configuration.
     *
     * @throws Exception
     */
public void testImportPrincipalBasedACL() throws Exception {
    JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) sImpl.getAccessControlManager();
    if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 || acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
        // test expects that only resource-based acl is supported
        throw new NotExecutableException();
    }
    PrincipalManager pmgr = sImpl.getPrincipalManager();
    if (!pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
        UserManager umgr = sImpl.getUserManager();
        umgr.createGroup(new PrincipalImpl(SecurityConstants.ADMINISTRATORS_NAME));
        if (!umgr.isAutoSave()) {
            sImpl.save();
        }
        if (pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
            throw new NotExecutableException();
        }
    }
    NodeImpl target;
    NodeImpl root = (NodeImpl) sImpl.getRootNode();
    if (!root.hasNode(AccessControlConstants.N_ACCESSCONTROL)) {
        target = root.addNode(AccessControlConstants.N_ACCESSCONTROL, AccessControlConstants.NT_REP_ACCESS_CONTROL, null);
    } else {
        target = root.getNode(AccessControlConstants.N_ACCESSCONTROL);
        if (!target.isNodeType(AccessControlConstants.NT_REP_ACCESS_CONTROL)) {
            target.setPrimaryType(sImpl.getJCRName(AccessControlConstants.NT_REP_ACCESS_CONTROL));
        }
    }
    try {
        InputStream in = new ByteArrayInputStream(XML_AC_TREE.getBytes("UTF-8"));
        SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ImportHandler ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        fail("Default config only allows resource-based ACL -> protected import must fail");
    } catch (SAXException e) {
        if (e.getException() instanceof ConstraintViolationException) {
        // success
        } else {
            throw e;
        }
    } finally {
        superuser.refresh(false);
    }
}

Example 5 with PrincipalManager

use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit by apache.

the class ACLTemplateTest method testMultiplePrincipals.

public void testMultiplePrincipals() throws RepositoryException, NotExecutableException {
    PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
    Principal everyone = pMgr.getEveryone();
    Principal grPrincipal = null;
    PrincipalIterator it = pMgr.findPrincipals("", PrincipalManager.SEARCH_TYPE_GROUP);
    while (it.hasNext()) {
        Group gr = (Group) it.nextPrincipal();
        if (!everyone.equals(gr)) {
            grPrincipal = gr;
        }
    }
    if (grPrincipal == null || grPrincipal.equals(everyone)) {
        throw new NotExecutableException();
    }
    Privilege[] privs = privilegesFromName(Privilege.JCR_READ);
    JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
    pt.addAccessControlEntry(testPrincipal, privs);
    assertFalse(pt.addAccessControlEntry(testPrincipal, privs));
    // add same privileges for another principal -> must modify as well.
    assertTrue(pt.addAccessControlEntry(everyone, privs));
    // .. 2 entries must be present.
    assertTrue(pt.getAccessControlEntries().length == 2);
}