Example 11 with ContentSession
use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.
the class PermissionTest method testProtectPropertiesByRestriction.
/**
* Tests the custom restriction provider that checks on the existence of a property.
* @throws Exception
*/
@Test
public void testProtectPropertiesByRestriction() throws Exception {
// create permissions
// allow rep:write /testroot
// deny jcr:modifyProperties /testroot/a glob = */c
addEntry(TEST_ROOT_PATH, true, "", PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_WRITE);
addEntry(TEST_A_PATH, false, "*/c", PrivilegeConstants.JCR_MODIFY_PROPERTIES);
ContentSession testSession = createTestSession();
try {
Root testRoot = testSession.getLatestRoot();
PermissionProvider pp = getPermissionProvider(testSession);
assertIsGranted(pp, testRoot, true, TEST_A_PATH, Permissions.MODIFY_PROPERTY);
assertIsGranted(pp, testRoot, true, TEST_B_PATH, Permissions.MODIFY_PROPERTY);
assertIsGranted(pp, testRoot, false, TEST_C_PATH, Permissions.MODIFY_PROPERTY);
assertIsGranted(pp, testRoot, true, TEST_D_PATH, Permissions.MODIFY_PROPERTY);
assertIsGranted(pp, testRoot, true, TEST_E_PATH, Permissions.MODIFY_PROPERTY);
} finally {
testSession.close();
}
}
Also used :
Root(org.apache.jackrabbit.oak.api.Root)
PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 12 with ContentSession
use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.
the class ExternalPrincipalConfigurationTest method testGetValidatorsOmitIdProtection.
@Test
public void testGetValidatorsOmitIdProtection() throws Exception {
principalConfiguration.setParameters(ConfigurationParameters.of(ExternalIdentityConstants.PARAM_PROTECT_EXTERNAL_IDS, false));
ContentSession cs = root.getContentSession();
List<? extends ValidatorProvider> validatorProviders = principalConfiguration.getValidators(cs.getWorkspaceName(), cs.getAuthInfo().getPrincipals(), new MoveTracker());
assertFalse(validatorProviders.isEmpty());
assertEquals(1, validatorProviders.size());
assertTrue(validatorProviders.get(0) instanceof ExternalIdentityValidatorProvider);
enable();
validatorProviders = principalConfiguration.getValidators(cs.getWorkspaceName(), cs.getAuthInfo().getPrincipals(), new MoveTracker());
assertFalse(validatorProviders.isEmpty());
assertEquals(1, validatorProviders.size());
assertTrue(validatorProviders.get(0) instanceof ExternalIdentityValidatorProvider);
}
Also used :
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
MoveTracker(org.apache.jackrabbit.oak.spi.commit.MoveTracker)
AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)
Test(org.junit.Test)
Example 13 with ContentSession
use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.
the class DefaultConflictHandlerOursTest method setUp.
@Before
public void setUp() throws CommitFailedException {
ContentSession session = new Oak().with(new OpenSecurityProvider()).with(DefaultConflictHandler.OURS).createContentSession();
// Add test content
Root root = session.getLatestRoot();
Tree tree = root.getTree("/");
tree.setProperty("a", 1);
tree.setProperty("b", 2);
tree.setProperty("c", 3);
tree.addChild("x");
tree.addChild("y");
tree.addChild("z");
root.commit();
ourRoot = session.getLatestRoot();
theirRoot = session.getLatestRoot();
}
Also used :
Root(org.apache.jackrabbit.oak.api.Root)
Oak(org.apache.jackrabbit.oak.Oak)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
Tree(org.apache.jackrabbit.oak.api.Tree)
OpenSecurityProvider(org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider)
Before(org.junit.Before)
Example 14 with ContentSession
use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.
the class CompositeProviderNoScopeTest method before.
@Override
public void before() throws Exception {
super.before();
ContentSession cs = root.getContentSession();
Set<Principal> testPrincipals = ImmutableSet.of(getTestUser().getPrincipal(), EveryonePrincipal.getInstance());
cppTestUser = createPermissionProvider(testPrincipals);
defTestUser = getConfig(AuthorizationConfiguration.class).getPermissionProvider(root, cs.getWorkspaceName(), testPrincipals);
Set<Principal> adminPrincipals = cs.getAuthInfo().getPrincipals();
cppAdminUser = createPermissionProvider(adminPrincipals);
defAdminUser = getConfig(AuthorizationConfiguration.class).getPermissionProvider(root, cs.getWorkspaceName(), adminPrincipals);
}
Also used :
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)
Principal(java.security.Principal)
Example 15 with ContentSession
use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.
the class DefaultLdapLoginModuleTest method testGuestLogin.
/**
* Login with {@link javax.jcr.GuestCredentials} must succeed and result in
* an guest session as the SUFFICIENT
* {@link org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl}
* handles the guest login (in contrast to the ExternalLoginModule).
*
* @throws Exception
*/
@Test
public void testGuestLogin() throws Exception {
ContentSession cs = login(new GuestCredentials());
assertEquals(UserConstants.DEFAULT_ANONYMOUS_ID, cs.getAuthInfo().getUserID());
cs.close();
}
Also used :
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
GuestCredentials(javax.jcr.GuestCredentials)
Test(org.junit.Test)
Aggregations
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)146
Test (org.junit.Test)132
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)66
SimpleCredentials (javax.jcr.SimpleCredentials)60
Root (org.apache.jackrabbit.oak.api.Root)43
LoginException (javax.security.auth.login.LoginException)35
AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)26
Tree (org.apache.jackrabbit.oak.api.Tree)25
UserManager (org.apache.jackrabbit.api.security.user.UserManager)19
User (org.apache.jackrabbit.api.security.user.User)17
PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)15
GuestCredentials (javax.jcr.GuestCredentials)13
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)12
Principal (java.security.Principal)10
TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)10
CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)9
Group (org.apache.jackrabbit.api.security.user.Group)8
EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)8
ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)7
PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)6
