Examples with AccessControlList com.enonic.xp.security.acl.AccessControlList used on opensource projects

Example 26 with AccessControlList

use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.

the class AccessControlListIndexDocumentFactoryTest method single_user_all_permissions.

@Test
public void single_user_all_permissions() throws Exception {
    final AccessControlList acl = AccessControlList.create().add(AccessControlEntry.create().allow(Permission.READ).allow(Permission.PUBLISH).allow(Permission.WRITE_PERMISSIONS).allow(Permission.READ_PERMISSIONS).allow(Permission.MODIFY).allow(Permission.CREATE).allow(Permission.DELETE).principal(PrincipalKey.from("user:myidprovider:rmy")).build()).build();
    final List<IndexItem> aclStoreDocumentItems = AccessControlListStoreDocumentFactory.create(acl);
    assertEquals(7, aclStoreDocumentItems.size());
}

Example 27 with AccessControlList

use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.

the class NodeVersionJsonDumpSerializerTest method serialize_deserialize.

@Test
public void serialize_deserialize() throws Exception {
    PropertyTree nodeData = new PropertyTree();
    nodeData.setDouble("a.b.c", 2.0);
    nodeData.setLocalDate("b", LocalDate.of(2013, 1, 2));
    nodeData.setString("c", "runar");
    nodeData.setLocalDateTime("d", LocalDateTime.of(2013, 1, 2, 3, 4, 5, 0));
    nodeData.setBinaryReference("e", BinaryReference.from("myImage1"));
    nodeData.setBinaryReference("f", BinaryReference.from("myImage2"));
    final AccessControlEntry entry1 = AccessControlEntry.create().principal(PrincipalKey.ofAnonymous()).allow(Permission.READ).deny(Permission.DELETE).build();
    final AccessControlEntry entry2 = AccessControlEntry.create().principal(PrincipalKey.ofUser(IdProviderKey.system(), "user1")).allow(Permission.MODIFY).deny(Permission.PUBLISH).build();
    AccessControlList acl = AccessControlList.create().add(entry1).add(entry2).build();
    IndexValueProcessor indexValueProcessor = new IndexValueProcessor() {

        @Override
        public Value process(final Value value) {
            return value;
        }

        @Override
        public String getName() {
            return "indexValueProcessor";
        }
    };
    IndexConfig indexConfig = IndexConfig.create().enabled(true).fulltext(true).nGram(true).decideByType(false).includeInAllText(true).path(true).addIndexValueProcessor(indexValueProcessor).addIndexValueProcessor(indexValueProcessor).build();
    NodeVersion nodeVersion = NodeVersion.create().id(NodeId.from("myId")).indexConfigDocument(PatternIndexConfigDocument.create().analyzer("myAnalyzer").defaultConfig(IndexConfig.MINIMAL).add("myPath", indexConfig).build()).data(nodeData).childOrder(ChildOrder.create().add(FieldOrderExpr.create(IndexPath.from("modifiedTime"), OrderExpr.Direction.ASC)).add(FieldOrderExpr.create(IndexPath.from("displayName"), OrderExpr.Direction.DESC)).build()).permissions(acl).nodeType(NodeType.from("myNodeType")).attachedBinaries(AttachedBinaries.create().add(new AttachedBinary(BinaryReference.from("myImage1"), "a")).add(new AttachedBinary(BinaryReference.from("myImage2"), "b")).build()).build();
    final String expectedNodeStr = readJson("serialized-node.json");
    final String expectedIndexConfigStr = readJson("serialized-index.json");
    final String expectedAccessControlStr = readJson("serialized-access.json");
    final String serializedNode = new String(this.serializer.toNodeString(nodeVersion), StandardCharsets.UTF_8);
    final String serializedIndexConfig = new String(this.serializer.toIndexConfigDocumentString(nodeVersion), StandardCharsets.UTF_8);
    final String serializedAccessControl = new String(this.serializer.toAccessControlString(nodeVersion), StandardCharsets.UTF_8);
    assertEquals(expectedNodeStr, serializedNode);
    assertEquals(expectedIndexConfigStr, serializedIndexConfig);
    assertEquals(expectedAccessControlStr, serializedAccessControl);
    final NodeVersion deSerializedNode = this.serializer.toNodeVersion(expectedNodeStr.getBytes(StandardCharsets.UTF_8), expectedIndexConfigStr.getBytes(StandardCharsets.UTF_8), expectedAccessControlStr.getBytes(StandardCharsets.UTF_8));
    assertEquals(nodeVersion, deSerializedNode);
}

Example 28 with AccessControlList

use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.

the class ModifyNodeExecutorTest method update_permissions.

@Test
public void update_permissions() throws Exception {
    final Node originalNode = Node.create().name("myNode").parentPath(NodePath.ROOT).permissions(AccessControlList.empty()).build();
    final EditableNode editableNode = new EditableNode(originalNode);
    final PropertyTree updateScript = new PropertyTree();
    final PropertySet propertySet = new PropertySet();
    propertySet.setString("principal", "role:newRole");
    propertySet.addString("allow", "READ");
    propertySet.addString("allow", "MODIFY");
    updateScript.addSet("_permissions", propertySet);
    ModifyNodeExecutor.create().editableNode(editableNode).propertyTree(updateScript).build().execute();
    final AccessControlList newPermissions = AccessControlList.create().add(AccessControlEntry.create().principal(PrincipalKey.from("role:newRole")).allow(Permission.READ, Permission.MODIFY).build()).build();
    assertEquals(newPermissions, editableNode.permissions);
}

Example 29 with AccessControlList

use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.

the class PermissionsFactoryTest method full.

@Test
public void full() throws Exception {
    final AccessControlList acl = create(" { \"_permissions\": [\n" + "        {\n" + "            \"principal\": \"user:system:anonymous\",\n" + "            \"allow\": [\n" + "                \"READ\"\n" + "            ],\n" + "            \"deny\": []\n" + "        },\n" + "        {\n" + "            \"principal\": \"role:admin\",\n" + "            \"allow\": [\n" + "                \"READ\",\n" + "                \"CREATE\",\n" + "                \"MODIFY\",\n" + "                \"DELETE\",\n" + "                \"PUBLISH\",\n" + "                \"READ_PERMISSIONS\",\n" + "                \"WRITE_PERMISSIONS\"\n" + "            ],\n" + "            \"deny\": []\n" + "        },\n" + "        {\n" + "            \"principal\": \"role:everyone\",\n" + "            \"allow\": [\n" + "                \"READ\"\n" + "            ],\n" + "            \"deny\": [" + "               \"DELETE\"\n " + "            ]" + "        },\n" + "        {\n" + "            \"principal\": \"role:authenticated\",\n" + "            \"deny\": [" + "               \"DELETE\"\n " + "            ]" + "        }\n" + "    ]" + "}");
    assertNotNull(acl);
    checkAllowed(acl, "role:everyone", Permission.READ);
    checkDenied(acl, "role:everyone", Permission.CREATE, Permission.DELETE, Permission.MODIFY, Permission.MODIFY);
    checkAllowed(acl, "user:system:anonymous", Permission.READ);
    checkDenied(acl, "user:system:anonymous", Permission.CREATE, Permission.DELETE, Permission.MODIFY, Permission.MODIFY);
    checkAllowed(acl, "role:admin", Permission.READ, Permission.MODIFY, Permission.CREATE, Permission.DELETE, Permission.PUBLISH);
    checkAllowed(acl, "role:authenticated", Permission.READ, Permission.MODIFY, Permission.CREATE, Permission.PUBLISH);
    checkDenied(acl, "role:authenticated", Permission.DELETE);
}

Example 30 with AccessControlList

use of com.enonic.xp.security.acl.AccessControlList in project xp by enonic.

the class PermissionsFactoryTest method empty.

@Test
public void empty() throws Exception {
    final AccessControlList acl = create("{}");
    assertNotNull(acl);
    checkAllowed(acl, RoleKeys.ADMIN.toString(), Permission.READ, Permission.MODIFY, Permission.CREATE, Permission.DELETE, Permission.PUBLISH);
    checkAllowed(acl, RoleKeys.EVERYONE.toString(), Permission.READ);
}