
Example 96 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class DefaultSyncContext method createGroup.

/**
 * Creates a new repository group for the given external one.
 * Note that this method only creates the authorizable but does not perform any synchronization.
 *
 * @param externalGroup the external group
 * @return the repository group
 * @throws RepositoryException if an error occurs
 */
@NotNull
protected Group createGroup(@NotNull ExternalGroup externalGroup) throws RepositoryException {
    // Id, principal name and intermediate path are all read from the external identity.
    // No validation happens in this method; any checks are left to userManager.createGroup.
    final String principalName = externalGroup.getPrincipalName();
    final Principal groupPrincipal = new PrincipalImpl(principalName);
    final String groupId = externalGroup.getId();

    // The group lands below the configured group path prefix, extended by the
    // intermediate path reported for the external group.
    final String relativePath = PathUtils.concatRelativePaths(
            config.group().getPathPrefix(),
            externalGroup.getIntermediatePath());

    final Group created = userManager.createGroup(groupId, groupPrincipal, relativePath);

    // Record the link to the external identity on the freshly created group.
    setExternalId(created, externalGroup);
    return created;
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) NotNull(org.jetbrains.annotations.NotNull)

Example 97 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class ExternalLoginAutoMembershipTest method testLoginSyncAutoMembershipSetup1.

@Test
public void testLoginSyncAutoMembershipSetup1() throws Exception {
    // NOTE(review): the login uses an empty password; whether it is accepted depends on
    // the login configuration of the test fixture, which is not visible here.
    final SimpleCredentials credentials = new SimpleCredentials(USER_ID, new char[0]);
    try (ContentSession session = login(credentials)) {
        // Principals the login attached to the subject.
        final Set<Principal> subjectPrincipals = session.getAuthInfo().getPrincipals();

        // Only the auto-membership group of setup1 may be present ...
        assertTrue(subjectPrincipals.contains(setup1.gr.getPrincipal()));

        // ... while a principal built from NON_EXISTING_NAME and the groups of the
        // other setups must not have been granted.
        final Principal nonExisting = new PrincipalImpl(NON_EXISTING_NAME);
        assertFalse(subjectPrincipals.contains(nonExisting));
        assertFalse(subjectPrincipals.contains(setup2.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup3.gr.getPrincipal()));

        // Auto-membership must show up in the subject only: re-read the persisted state
        // and check that the test user was not stored as a member of the group.
        root.refresh();
        final UserManager userMgr = getUserManager(root);
        final User testUser = userMgr.getAuthorizable(USER_ID, User.class);
        final Group autoGroup = userMgr.getAuthorizable(setup1.gr.getID(), Group.class);
        assertFalse(autoGroup.isDeclaredMember(testUser));
        assertFalse(autoGroup.isMember(testUser));
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Group(org.apache.jackrabbit.api.security.user.Group) User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 98 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class ExternalLoginAutoMembershipTest method testLoginAfterSyncSetup5.

@Test
public void testLoginAfterSyncSetup5() throws Exception {
    // Sync the user through setup5 before logging in.
    setup5.sync(USER_ID, false);

    // NOTE(review): the login uses an empty password; whether it is accepted depends on
    // the login configuration of the test fixture, which is not visible here.
    final SimpleCredentials credentials = new SimpleCredentials(USER_ID, new char[0]);
    try (ContentSession session = login(credentials)) {
        // No auto-membership is configured on this setup, so the subject must carry
        // exactly the everyone principal and the user's own principal, nothing more.
        final Set<Principal> subjectPrincipals = session.getAuthInfo().getPrincipals();
        final Set<Principal> expectedPrincipals = ImmutableSet.of(
                EveryonePrincipal.getInstance(),
                userManager.getAuthorizable(USER_ID).getPrincipal());
        assertEquals(expectedPrincipals, subjectPrincipals);

        // Explicit negative checks: neither a principal built from NON_EXISTING_NAME
        // nor the group principal of any other setup may have been granted.
        final Principal nonExisting = new PrincipalImpl(NON_EXISTING_NAME);
        assertFalse(subjectPrincipals.contains(nonExisting));
        assertFalse(subjectPrincipals.contains(setup1.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup2.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup3.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup4.gr.getPrincipal()));
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 99 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class ExternalLoginAutoMembershipTest method testLoginAfterSyncSetup1.

@Test
public void testLoginAfterSyncSetup1() throws Exception {
    // Sync the user through setup1 before logging in.
    setup1.sync(USER_ID, false);

    // NOTE(review): the login uses an empty password; whether it is accepted depends on
    // the login configuration of the test fixture, which is not visible here.
    final SimpleCredentials credentials = new SimpleCredentials(USER_ID, new char[0]);
    try (ContentSession session = login(credentials)) {
        // The subject must receive the configured auto-membership principals that
        // actually exist; entries that do not exist have to be ignored.
        final Set<Principal> subjectPrincipals = session.getAuthInfo().getPrincipals();
        assertTrue(subjectPrincipals.contains(setup1.gr.getPrincipal()));

        final Principal nonExisting = new PrincipalImpl(NON_EXISTING_NAME);
        assertFalse(subjectPrincipals.contains(nonExisting));
        assertFalse(subjectPrincipals.contains(setup2.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup3.gr.getPrincipal()));

        // Auto-membership must show up in the subject only: re-read the persisted state
        // and check that the test user was not stored as a member of the group.
        root.refresh();
        final UserManager userMgr = getUserManager(root);
        final User testUser = userMgr.getAuthorizable(USER_ID, User.class);
        final Group autoGroup = userMgr.getAuthorizable(setup1.gr.getID(), Group.class);
        assertFalse(autoGroup.isDeclaredMember(testUser));
        assertFalse(autoGroup.isMember(testUser));
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Group(org.apache.jackrabbit.api.security.user.Group) User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 100 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class ExternalLoginAutoMembershipTest method testLoginAfterSyncSetup4.

@Test
public void testLoginAfterSyncSetup4() throws Exception {
    // Sync the user through setup4 before logging in.
    setup4.sync(USER_ID, false);

    // NOTE(review): the login uses an empty password; whether it is accepted depends on
    // the login configuration of the test fixture, which is not visible here.
    final SimpleCredentials credentials = new SimpleCredentials(USER_ID, new char[0]);
    try (ContentSession session = login(credentials)) {
        // The subject must carry the group principals of setup4 and setup2 ...
        final Set<Principal> subjectPrincipals = session.getAuthInfo().getPrincipals();
        assertTrue(subjectPrincipals.contains(setup4.gr.getPrincipal()));
        assertTrue(subjectPrincipals.contains(setup2.gr.getPrincipal()));

        // ... but neither a principal built from NON_EXISTING_NAME nor the groups
        // of setup1 and setup3.
        final Principal nonExisting = new PrincipalImpl(NON_EXISTING_NAME);
        assertFalse(subjectPrincipals.contains(nonExisting));
        assertFalse(subjectPrincipals.contains(setup1.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup3.gr.getPrincipal()));

        // Auto-membership must show up in the subject only: re-read the persisted state
        // and check that the test user was not stored as a member of the setup4 group.
        root.refresh();
        final UserManager userMgr = getUserManager(root);
        final User testUser = userMgr.getAuthorizable(USER_ID, User.class);
        final Group autoGroup = userMgr.getAuthorizable(setup4.gr.getID(), Group.class);
        assertFalse(autoGroup.isDeclaredMember(testUser));
        assertFalse(autoGroup.isMember(testUser));
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Group(org.apache.jackrabbit.api.security.user.Group) User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Aggregations

PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)154 Test (org.junit.Test)122 Principal (java.security.Principal)76 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)38 Group (org.apache.jackrabbit.api.security.user.Group)33 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)33 UserManager (org.apache.jackrabbit.api.security.user.UserManager)30 User (org.apache.jackrabbit.api.security.user.User)29 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)19 SimpleCredentials (javax.jcr.SimpleCredentials)17 GroupPrincipal (org.apache.jackrabbit.api.security.principal.GroupPrincipal)17 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)15 Subject (javax.security.auth.Subject)13 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)13 ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)12 Session (javax.jcr.Session)11 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)10 RepositoryException (javax.jcr.RepositoryException)8 Tree (org.apache.jackrabbit.oak.api.Tree)8 NotNull (org.jetbrains.annotations.NotNull)8