Example 1 with ACE
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE in project jackrabbit-oak by apache.
the class EntryTest method testGetRestrictions.
@Test
public void testGetRestrictions() throws Exception {
Restriction nameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, nameValues);
Restriction globRestr = createRestriction(AccessControlConstants.REP_GLOB, globValue);
Set<Restriction> expected = ImmutableSet.of(nameRestr, globRestr);
ACE ace = createEntry(expected);
assertEquals(expected, ace.getRestrictions());
}
Also used :
Restriction(org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)
ACE(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE)
Test(org.junit.Test)
Example 2 with ACE
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE in project jackrabbit-oak by apache.
the class UtilTest method testGenerateName2.
@Test
public void testGenerateName2() throws AccessControlException {
ACE ace = new TestAce(false);
String name = Util.generateAceName(ace, 0);
assertTrue(name.startsWith(DENY));
assertEquals(DENY, name);
assertEquals(name, Util.generateAceName(ace, 0));
name = Util.generateAceName(ace, 2);
assertTrue(name.startsWith(DENY));
assertEquals(DENY + 2, name);
assertEquals(name, Util.generateAceName(ace, 2));
}
Also used :
ACE(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 3 with ACE
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE in project jackrabbit-oak by apache.
the class EntryTest method testGetRestrictionsForMultiValued2.
/**
* @since OAK 1.0: support for multi-value restrictions
*/
@Test
public void testGetRestrictionsForMultiValued2() throws Exception {
// single value restriction stored in multi-value property
Restriction singleNameRestr = createRestriction(AccessControlConstants.REP_NT_NAMES, new Value[] { nameValue });
ACE ace = createEntry(ImmutableSet.of(singleNameRestr));
Value[] vs = ace.getRestrictions(AccessControlConstants.REP_NT_NAMES);
assertEquals(1, vs.length);
assertEquals(nameValue, vs[0]);
}
Also used :
Restriction(org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)
ACE(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE)
Value(javax.jcr.Value)
Test(org.junit.Test)
Example 4 with ACE
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE in project jackrabbit-oak by apache.
the class EntryTest method testEquals2.
@Test
public void testEquals2() throws RepositoryException {
ACE ace = createEntry(PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_READ);
// priv array contains duplicates
ACE ace2 = createEntry(PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_READ);
assertEquals(ace, ace2);
}Example 5 with ACE
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE in project jackrabbit-oak by apache.
the class EntryTest method testEquals.
@Test
public void testEquals() throws RepositoryException {
Map<AccessControlEntry, AccessControlEntry> equalAces = new HashMap<AccessControlEntry, AccessControlEntry>();
ACE ace = createEntry(PrivilegeConstants.JCR_ALL);
// create same entry again
equalAces.put(ace, createEntry(PrivilegeConstants.JCR_ALL));
// create entry with declared aggregate privileges
Privilege[] declaredAllPrivs = acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL).getDeclaredAggregatePrivileges();
equalAces.put(ace, createEntry(testPrincipal, declaredAllPrivs, true));
// create entry with aggregate privileges
Privilege[] aggregateAllPrivs = acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL).getAggregatePrivileges();
equalAces.put(ace, createEntry(testPrincipal, aggregateAllPrivs, true));
// create entry with different privilege order
List<Privilege> reordered = new ArrayList<Privilege>(Arrays.asList(aggregateAllPrivs));
reordered.add(reordered.remove(0));
equalAces.put(createEntry(testPrincipal, reordered.toArray(new Privilege[reordered.size()]), true), createEntry(testPrincipal, aggregateAllPrivs, true));
// even if entries are build with aggregated or declared aggregate privileges
equalAces.put(createEntry(testPrincipal, declaredAllPrivs, true), createEntry(testPrincipal, aggregateAllPrivs, true));
for (AccessControlEntry entry : equalAces.keySet()) {
assertEquals(entry, equalAces.get(entry));
}
}
Also used :
ACE(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Privilege(javax.jcr.security.Privilege)
Test(org.junit.Test)
Aggregations
ACE (org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE)33
Test (org.junit.Test)25
Restriction (org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)12
Value (javax.jcr.Value)8
Privilege (javax.jcr.security.Privilege)5
Tree (org.apache.jackrabbit.oak.api.Tree)5
ArrayList (java.util.ArrayList)4
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)4
HashMap (java.util.HashMap)3
AccessControlEntry (javax.jcr.security.AccessControlEntry)3
AccessControlException (javax.jcr.security.AccessControlException)3
Principal (java.security.Principal)2
Nullable (javax.annotation.Nullable)2
JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)2
JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)2
ImmutableACL (org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ImmutableACL)2
PrivilegeBits (org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits)2
Predicate (com.google.common.base.Predicate)1
CheckForNull (javax.annotation.CheckForNull)1
RepositoryException (javax.jcr.RepositoryException)1
