use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testGetPoliciesInternalPrincipal.
@Test
public void testGetPoliciesInternalPrincipal() throws Exception {
Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
int i = 0;
while (unknown != null) {
unknown = getPrincipalManager(root).getPrincipal("unknown" + i);
}
unknown = new PrincipalImpl("unknown" + i);
assertEquals(0, acMgr.getPolicies(unknown).length);
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class L5_AccessControlListImplTest method testAddEntriesWithCustomKnownPrincipal.
public void testAddEntriesWithCustomKnownPrincipal() throws Exception {
Principal oakPrincipal = new PrincipalImpl(testPrincipal.getName());
Principal principal = new Principal() {
@Override
public String getName() {
return testPrincipal.getName();
}
};
assertTrue(acl.addAccessControlEntry(oakPrincipal, AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_READ)));
assertTrue(acl.addAccessControlEntry(principal, AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_READ_ACCESS_CONTROL)));
// EXERCISE
int expectedLength = -1;
assertEquals(expectedLength, acl.getAccessControlEntries().length);
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class UserManagementTest method testCreateWithIntermediateReadDeny2.
@Test
public void testCreateWithIntermediateReadDeny2() throws Exception {
String path = UserConstants.DEFAULT_GROUP_PATH + "/a";
JcrUtils.getOrCreateByPath(path, UserConstants.NT_REP_AUTHORIZABLE_FOLDER, superuser);
superuser.save();
try {
deny(UserConstants.DEFAULT_GROUP_PATH, privilegesFromName(Privilege.JCR_READ));
Privilege[] privs = privilegesFromNames(new String[] { Privilege.JCR_READ, PrivilegeConstants.REP_USER_MANAGEMENT, PrivilegeConstants.REP_WRITE });
allow(path, privs);
Group gr = getUserManager(testSession).createGroup(groupId, new PrincipalImpl(groupId), "a/b/c");
testSession.save();
} finally {
superuser.refresh(false);
superuser.getNode(UserConstants.DEFAULT_GROUP_PATH + "/a").remove();
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, UserConstants.DEFAULT_GROUP_PATH);
if (acl != null) {
acMgr.removePolicy(UserConstants.DEFAULT_GROUP_PATH, acl);
}
superuser.save();
}
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testEffectivePoliciesFiltering.
@Test
public void testEffectivePoliciesFiltering() throws Exception {
// create first policy with multiple ACEs for the test principal set.
ACL policy = getApplicablePolicy(testPath);
policy.addEntry(testPrincipal, testPrivileges, true, getGlobRestriction("*"));
policy.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_VERSION_MANAGEMENT), false);
policy.addEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.JCR_LIFECYCLE_MANAGEMENT), false);
assertEquals(3, policy.getAccessControlEntries().length);
acMgr.setPolicy(testPath, policy);
root.commit();
// different ways to create the principal-set to make sure the filtering
// doesn't rely on principal equality but rather on the name.
List<Principal> principals = ImmutableList.of(testPrincipal, new PrincipalImpl(testPrincipal.getName()), new Principal() {
@Override
public String getName() {
return testPrincipal.getName();
}
});
for (Principal princ : principals) {
AccessControlPolicy[] policies = acMgr.getEffectivePolicies(ImmutableSet.of(princ));
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlList acl = (AccessControlList) policies[0];
assertEquals(2, acl.getAccessControlEntries().length);
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
assertEquals(princ.getName(), ace.getPrincipal().getName());
}
}
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class ImpersonationImplEmptyTest method testGrantAgain.
@Test
public void testGrantAgain() throws Exception {
final Principal principal = getTestUser().getPrincipal();
impersonation.grantImpersonation(principal);
assertFalse(impersonation.grantImpersonation(principal));
assertFalse(impersonation.grantImpersonation(new PrincipalImpl(principal.getName())));
assertFalse(impersonation.grantImpersonation(new Principal() {
@Override
public String getName() {
return principal.getName();
}
}));
}
Aggregations