use of org.apache.jackrabbit.api.security.user.Group in project jackrabbit-oak by apache.
the class RemoveMembersTest method beforeSuite.
@Override
public void beforeSuite() throws Exception {
super.beforeSuite();
Session s = loginAdministrative();
try {
UserManager userManager = ((JackrabbitSession) s).getUserManager();
createUsers(userManager);
for (int i = 0; i <= GROUP_CNT; i++) {
Group g = userManager.createGroup(new PrincipalImpl(GROUP + i), REL_TEST_PATH);
groupPaths.add(g.getPath());
List<String> ids = new ArrayList<String>();
for (int j = 0; j <= numberOfMembers; j++) {
ids.add(USER + j);
}
g.addMembers(ids.toArray(new String[ids.size()]));
s.save();
}
} finally {
s.logout();
}
System.out.println("setup done");
}
use of org.apache.jackrabbit.api.security.user.Group in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testCreateTokenFromGroupId.
@Test
public void testCreateTokenFromGroupId() throws Exception {
Group gr = getUserManager(root).createGroup("groupId");
assertNull(tokenProvider.createToken("groupId", Collections.<String, Object>emptyMap()));
}
use of org.apache.jackrabbit.api.security.user.Group in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testGetTokenInfoFromGroup.
@Test
public void testGetTokenInfoFromGroup() throws Exception {
Group gr = getUserManager(root).createGroup("gr");
NodeUtil groupNode = new NodeUtil(root.getTree(gr.getPath()));
NodeUtil parent = groupNode.addChild(TokenConstants.TOKENS_NODE_NAME, TokenConstants.TOKENS_NT_NAME);
NodeUtil tokenNode = parent.addChild("tokenName", TokenConstants.TOKEN_NT_NAME);
String tokenUUID = UUID.randomUUID().toString();
tokenNode.setString(JcrConstants.JCR_UUID, tokenUUID);
String token = tokenUUID + "_generatedKey";
tokenNode.setString(TokenConstants.TOKEN_ATTRIBUTE_KEY, token);
assertNull(tokenProvider.getTokenInfo(token));
}
use of org.apache.jackrabbit.api.security.user.Group in project jackrabbit-oak by apache.
the class ExternalLoginModuleAutoMembershipTest method testLoginAfterSyncSetup1.
@Test
public void testLoginAfterSyncSetup1() throws Exception {
setup1.sync(USER_ID, false);
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
// the login must set the configured + existing auto-membership principals
// to the subject; non-existing auto-membership entries must be ignored.
Set<Principal> principals = cs.getAuthInfo().getPrincipals();
assertTrue(principals.contains(setup1.gr.getPrincipal()));
assertFalse(principals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
assertFalse(principals.contains(setup2.gr.getPrincipal()));
assertFalse(principals.contains(setup3.gr.getPrincipal()));
// however, the existing auto-membership group must _not_ have changed
// and the test user must not be a stored member of this group.
root.refresh();
UserManager uMgr = getUserManager(root);
User user = uMgr.getAuthorizable(USER_ID, User.class);
Group gr = uMgr.getAuthorizable(setup1.gr.getID(), Group.class);
assertFalse(gr.isDeclaredMember(user));
assertFalse(gr.isMember(user));
} finally {
options.clear();
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.api.security.user.Group in project jackrabbit-oak by apache.
the class DefaultSyncContextTest method testLostMembershipDifferentIDP.
@Test
public void testLostMembershipDifferentIDP() throws Exception {
// create a group in the repository which is marked as being external
// and associated with another IPD.
Group gr = createTestGroup();
setExternalID(gr, "differentIDP");
// sync an external user from the IDP into the repo and make it member
// of the test group
SyncResult result = syncCtx.sync(idp.listUsers().next());
User user = userManager.getAuthorizable(result.getIdentity().getId(), User.class);
gr.addMember(user);
root.commit();
// enforce synchronization of the user and it's group membership
syncCtx.setForceUserSync(true);
syncConfig.user().setMembershipExpirationTime(-1);
syncConfig.user().setMembershipNestingDepth(1);
assertEquals(SyncResult.Status.UPDATE, syncCtx.sync(user.getID()).getStatus());
// since the group is not associated with the test-IDP the group-membership
// must NOT be modified during the sync.
assertTrue(gr.isDeclaredMember(user));
}
Aggregations