use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.
the class AccessControlListIndexDocumentFactoryTest method single_user_all_permissions.
@Test
public void single_user_all_permissions() throws Exception {
final AccessControlList acl = AccessControlList.create().add(AccessControlEntry.create().allow(Permission.READ).allow(Permission.PUBLISH).allow(Permission.WRITE_PERMISSIONS).allow(Permission.READ_PERMISSIONS).allow(Permission.MODIFY).allow(Permission.CREATE).allow(Permission.DELETE).principal(PrincipalKey.from("user:myidprovider:rmy")).build()).build();
final List<IndexItem> aclStoreDocumentItems = AccessControlListStoreDocumentFactory.create(acl);
assertEquals(7, aclStoreDocumentItems.size());
}
use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.
the class NodeVersionJsonDumpSerializerTest method serialize_deserialize.
@Test
public void serialize_deserialize() throws Exception {
PropertyTree nodeData = new PropertyTree();
nodeData.setDouble("a.b.c", 2.0);
nodeData.setLocalDate("b", LocalDate.of(2013, 1, 2));
nodeData.setString("c", "runar");
nodeData.setLocalDateTime("d", LocalDateTime.of(2013, 1, 2, 3, 4, 5, 0));
nodeData.setBinaryReference("e", BinaryReference.from("myImage1"));
nodeData.setBinaryReference("f", BinaryReference.from("myImage2"));
final AccessControlEntry entry1 = AccessControlEntry.create().principal(PrincipalKey.ofAnonymous()).allow(Permission.READ).deny(Permission.DELETE).build();
final AccessControlEntry entry2 = AccessControlEntry.create().principal(PrincipalKey.ofUser(IdProviderKey.system(), "user1")).allow(Permission.MODIFY).deny(Permission.PUBLISH).build();
AccessControlList acl = AccessControlList.create().add(entry1).add(entry2).build();
IndexValueProcessor indexValueProcessor = new IndexValueProcessor() {
@Override
public Value process(final Value value) {
return value;
}
@Override
public String getName() {
return "indexValueProcessor";
}
};
IndexConfig indexConfig = IndexConfig.create().enabled(true).fulltext(true).nGram(true).decideByType(false).includeInAllText(true).path(true).addIndexValueProcessor(indexValueProcessor).addIndexValueProcessor(indexValueProcessor).build();
NodeVersion nodeVersion = NodeVersion.create().id(NodeId.from("myId")).indexConfigDocument(PatternIndexConfigDocument.create().analyzer("myAnalyzer").defaultConfig(IndexConfig.MINIMAL).add("myPath", indexConfig).build()).data(nodeData).childOrder(ChildOrder.create().add(FieldOrderExpr.create(IndexPath.from("modifiedTime"), OrderExpr.Direction.ASC)).add(FieldOrderExpr.create(IndexPath.from("displayName"), OrderExpr.Direction.DESC)).build()).permissions(acl).nodeType(NodeType.from("myNodeType")).attachedBinaries(AttachedBinaries.create().add(new AttachedBinary(BinaryReference.from("myImage1"), "a")).add(new AttachedBinary(BinaryReference.from("myImage2"), "b")).build()).build();
final String expectedNodeStr = readJson("serialized-node.json");
final String expectedIndexConfigStr = readJson("serialized-index.json");
final String expectedAccessControlStr = readJson("serialized-access.json");
final String serializedNode = new String(this.serializer.toNodeString(nodeVersion), StandardCharsets.UTF_8);
final String serializedIndexConfig = new String(this.serializer.toIndexConfigDocumentString(nodeVersion), StandardCharsets.UTF_8);
final String serializedAccessControl = new String(this.serializer.toAccessControlString(nodeVersion), StandardCharsets.UTF_8);
assertEquals(expectedNodeStr, serializedNode);
assertEquals(expectedIndexConfigStr, serializedIndexConfig);
assertEquals(expectedAccessControlStr, serializedAccessControl);
final NodeVersion deSerializedNode = this.serializer.toNodeVersion(expectedNodeStr.getBytes(StandardCharsets.UTF_8), expectedIndexConfigStr.getBytes(StandardCharsets.UTF_8), expectedAccessControlStr.getBytes(StandardCharsets.UTF_8));
assertEquals(nodeVersion, deSerializedNode);
}
use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.
the class ModifyNodeExecutorTest method update_permissions.
@Test
public void update_permissions() throws Exception {
final Node originalNode = Node.create().name("myNode").parentPath(NodePath.ROOT).permissions(AccessControlList.empty()).build();
final EditableNode editableNode = new EditableNode(originalNode);
final PropertyTree updateScript = new PropertyTree();
final PropertySet propertySet = new PropertySet();
propertySet.setString("principal", "role:newRole");
propertySet.addString("allow", "READ");
propertySet.addString("allow", "MODIFY");
updateScript.addSet("_permissions", propertySet);
ModifyNodeExecutor.create().editableNode(editableNode).propertyTree(updateScript).build().execute();
final AccessControlList newPermissions = AccessControlList.create().add(AccessControlEntry.create().principal(PrincipalKey.from("role:newRole")).allow(Permission.READ, Permission.MODIFY).build()).build();
assertEquals(newPermissions, editableNode.permissions);
}
use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.
the class PermissionsFactoryTest method full.
@Test
public void full() throws Exception {
final AccessControlList acl = create(" { \"_permissions\": [\n" + " {\n" + " \"principal\": \"user:system:anonymous\",\n" + " \"allow\": [\n" + " \"READ\"\n" + " ],\n" + " \"deny\": []\n" + " },\n" + " {\n" + " \"principal\": \"role:admin\",\n" + " \"allow\": [\n" + " \"READ\",\n" + " \"CREATE\",\n" + " \"MODIFY\",\n" + " \"DELETE\",\n" + " \"PUBLISH\",\n" + " \"READ_PERMISSIONS\",\n" + " \"WRITE_PERMISSIONS\"\n" + " ],\n" + " \"deny\": []\n" + " },\n" + " {\n" + " \"principal\": \"role:everyone\",\n" + " \"allow\": [\n" + " \"READ\"\n" + " ],\n" + " \"deny\": [" + " \"DELETE\"\n " + " ]" + " },\n" + " {\n" + " \"principal\": \"role:authenticated\",\n" + " \"deny\": [" + " \"DELETE\"\n " + " ]" + " }\n" + " ]" + "}");
assertNotNull(acl);
checkAllowed(acl, "role:everyone", Permission.READ);
checkDenied(acl, "role:everyone", Permission.CREATE, Permission.DELETE, Permission.MODIFY, Permission.MODIFY);
checkAllowed(acl, "user:system:anonymous", Permission.READ);
checkDenied(acl, "user:system:anonymous", Permission.CREATE, Permission.DELETE, Permission.MODIFY, Permission.MODIFY);
checkAllowed(acl, "role:admin", Permission.READ, Permission.MODIFY, Permission.CREATE, Permission.DELETE, Permission.PUBLISH);
checkAllowed(acl, "role:authenticated", Permission.READ, Permission.MODIFY, Permission.CREATE, Permission.PUBLISH);
checkDenied(acl, "role:authenticated", Permission.DELETE);
}
use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.
the class PermissionsFactoryTest method empty.
@Test
public void empty() throws Exception {
final AccessControlList acl = create("{}");
assertNotNull(acl);
checkAllowed(acl, RoleKeys.ADMIN.toString(), Permission.READ, Permission.MODIFY, Permission.CREATE, Permission.DELETE, Permission.PUBLISH);
checkAllowed(acl, RoleKeys.EVERYONE.toString(), Permission.READ);
}
Aggregations