Search in sources :

Example 41 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class CugConfigurationOsgiTest method testCugExcludeExcludedPrincipal.

@Test
public void testCugExcludeExcludedPrincipal() {
    context.registerInjectActivateService(cugExclude, ImmutableMap.of("principalNames", new String[] { EXCLUDED_PRINCIPAL_NAME }));
    context.registerInjectActivateService(cugConfiguration, PROPERTIES);
    AuthorizationConfiguration config = context.getService(AuthorizationConfiguration.class);
    PermissionProvider permissionProvider = config.getPermissionProvider(root, wspName, ImmutableSet.of(new PrincipalImpl(EXCLUDED_PRINCIPAL_NAME)));
    assertSame(EmptyPermissionProvider.getInstance(), permissionProvider);
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) EmptyPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider) PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 42 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class UserPrincipalProviderWithCacheTest method testGroupPrincipalNameEscape.

@Test
public void testGroupPrincipalNameEscape() throws Exception {
    String gId = null;
    try {
        Principal groupPrincipal = new PrincipalImpl(groupId + ",,%,%%");
        Group gr = getUserManager(root).createGroup(groupPrincipal);
        gId = gr.getID();
        gr.addMember(getTestUser());
        root.commit();
        systemRoot.refresh();
        PrincipalProvider pp = createPrincipalProvider(systemRoot);
        Set<? extends Principal> principals = pp.getPrincipals(userId);
        assertTrue(principals.contains(groupPrincipal));
        principals = pp.getPrincipals(userId);
        assertTrue(principals.contains(groupPrincipal));
    } finally {
        root.refresh();
        if (gId != null) {
            getUserManager(root).getAuthorizable(gId).remove();
            root.commit();
        }
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) PrincipalProvider(org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider) GroupPrincipal(org.apache.jackrabbit.api.security.principal.GroupPrincipal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) AbstractPrincipalProviderTest(org.apache.jackrabbit.oak.security.principal.AbstractPrincipalProviderTest) Test(org.junit.Test)

Example 43 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class EveryoneGroupTest method testGroupPrincipal.

@Test
public void testGroupPrincipal() throws Exception {
    Principal everyonePrincipal = everyone.getPrincipal();
    assertTrue(everyonePrincipal instanceof GroupPrincipal);
    assertTrue(everyonePrincipal.equals(EveryonePrincipal.getInstance()));
    assertTrue(EveryonePrincipal.getInstance().equals(everyonePrincipal));
    GroupPrincipal gr = (GroupPrincipal) everyonePrincipal;
    assertFalse(gr.isMember(everyonePrincipal));
    assertTrue(gr.isMember(getTestUser(superuser).getPrincipal()));
    assertTrue(gr.isMember(new PrincipalImpl("test")));
}
Also used : GroupPrincipal(org.apache.jackrabbit.api.security.principal.GroupPrincipal) Principal(java.security.Principal) GroupPrincipal(org.apache.jackrabbit.api.security.principal.GroupPrincipal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 44 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class ExternalGroupPrincipalProviderTest method testGetGroupMembershipExternalUser2.

@Test
public void testGetGroupMembershipExternalUser2() throws Exception {
    Authorizable user = getUserManager(root).getAuthorizable(USER_ID);
    assertNotNull(user);
    Set<Principal> expected = getExpectedGroupPrincipals(USER_ID);
    // same as in test before even if the principal is not a tree-based-principal
    Set<? extends Principal> principals = principalProvider.getMembershipPrincipals(new PrincipalImpl(user.getPrincipal().getName()));
    assertEquals(expected, principals);
}
Also used : Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) GroupPrincipal(org.apache.jackrabbit.api.security.principal.GroupPrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 45 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class ExternalGroupPrincipalProviderTest method testGetGroupMembershipDefaultSync2.

@Test
public void testGetGroupMembershipDefaultSync2() throws Exception {
    // synchronized by default sync-context => no 'dynamic' group principals
    Authorizable user = getUserManager(root).getAuthorizable(TestIdentityProvider.ID_SECOND_USER);
    assertNotNull(user);
    // same as in test before even if the principal is not a tree-based-principal
    Set<? extends Principal> principals = principalProvider.getMembershipPrincipals(new PrincipalImpl(user.getPrincipal().getName()));
    assertTrue(principals.isEmpty());
}
Also used : Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Aggregations

PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)96 Test (org.junit.Test)66 Principal (java.security.Principal)40 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)24 Group (org.apache.jackrabbit.api.security.user.Group)22 User (org.apache.jackrabbit.api.security.user.User)20 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)20 UserManager (org.apache.jackrabbit.api.security.user.UserManager)16 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)15 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)12 GroupPrincipal (org.apache.jackrabbit.api.security.principal.GroupPrincipal)11 Session (javax.jcr.Session)9 SimpleCredentials (javax.jcr.SimpleCredentials)7 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)6 ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)6 CugPolicy (org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy)6 HashSet (java.util.HashSet)5 ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)5 AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)5 EmptyPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider)5