Examples with AccessDeniedException - javax.jcr.AccessDeniedException

Example 81 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit-oak by apache.

the class UserManagementTest method testGlobRestriction.

@Test
public void testGlobRestriction() throws Exception {
    String groupHome = Text.getRelativeParent(UserConstants.DEFAULT_GROUP_PATH, 1);
    Privilege[] privs = privilegesFromName(PrivilegeConstants.REP_USER_MANAGEMENT);
    allow(groupHome, privs);
    deny(groupHome, privs, createGlobRestriction("*/" + UserConstants.REP_MEMBERS));
    UserManager testUserMgr = getUserManager(testSession);
    // creating a new group must be allow
    Group gr = testUserMgr.createGroup(groupId);
    testSession.save();
    // modifying group membership must be denied
    try {
        gr.addMember(testUserMgr.getAuthorizable(testSession.getUserID()));
        testSession.save();
        fail();
    } catch (AccessDeniedException e) {
    // success
    } finally {
        testSession.refresh(false);
    }
}

Also used : Group(org.apache.jackrabbit.api.security.user.Group) AccessDeniedException(javax.jcr.AccessDeniedException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Privilege(javax.jcr.security.Privilege) Test(org.junit.Test)

Example 82 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit-oak by apache.

the class SessionMoveTest method testMoveAndAddProperty.

@Test
public void testMoveAndAddProperty() throws Exception {
    setupMovePermissions();
    testSession.move(nodePath3, siblingDestPath);
    Node destNode = testSession.getNode(siblingDestPath);
    Property p = destNode.setProperty("newProp", "val");
    try {
        testSession.save();
        fail("Missing ADD_PROPERTY permission.");
    } catch (AccessDeniedException e) {
    // success
    }
}

Also used : AccessDeniedException(javax.jcr.AccessDeniedException) Node(javax.jcr.Node) Property(javax.jcr.Property) Test(org.junit.Test)

Example 83 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit-oak by apache.

the class SessionMoveTest method testMoveAndAddReplacementAtSource.

@Test
public void testMoveAndAddReplacementAtSource() throws Exception {
    allow(path, privilegesFromNames(new String[] { Privilege.JCR_REMOVE_CHILD_NODES, Privilege.JCR_ADD_CHILD_NODES }));
    allow(siblingPath, privilegesFromNames(new String[] { PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_NODE_TYPE_MANAGEMENT }));
    testSession.move(nodePath3, siblingDestPath);
    Node sourceParent = testSession.getNode(childNPath);
    Node replacement = sourceParent.addNode(Text.getName(nodePath3));
    replacement.setProperty("movedProp", "val");
    try {
        testSession.save();
        fail("Missing ADD_NODE and ADD_PROPERTY permission on source parent.");
    } catch (AccessDeniedException e) {
    // success
    }
}

Also used : AccessDeniedException(javax.jcr.AccessDeniedException) Node(javax.jcr.Node) Test(org.junit.Test)

Example 84 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit-oak by apache.

the class SessionMoveTest method testMoveAndAddPropertyAtSource.

@Test
public void testMoveAndAddPropertyAtSource() throws Exception {
    setupMovePermissions();
    testSession.move(nodePath3, siblingDestPath);
    Node n = testSession.getNode(childNPath);
    Property p = n.setProperty("newProp", "val");
    try {
        testSession.save();
        fail("Missing ADD_PROPERTY permission.");
    } catch (AccessDeniedException e) {
    // success
    }
}

Also used : AccessDeniedException(javax.jcr.AccessDeniedException) Node(javax.jcr.Node) Property(javax.jcr.Property) Test(org.junit.Test)

Example 85 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit-oak by apache.

the class SessionMoveTest method testMoveAndRemovePropertyAtSource.

@Test
public void testMoveAndRemovePropertyAtSource() throws Exception {
    setupMovePermissions();
    testSession.move(nodePath3, siblingDestPath);
    Node n = testSession.getNode(childNPath);
    assertTrue(n.hasProperty(propertyName1));
    n.getProperty(propertyName1).remove();
    try {
        testSession.save();
        fail("Missing REMOVE_PROPERTY permission.");
    } catch (AccessDeniedException e) {
    // success
    }
}

Also used : AccessDeniedException(javax.jcr.AccessDeniedException) Node(javax.jcr.Node) Test(org.junit.Test)

Aggregations

AccessDeniedException (javax.jcr.AccessDeniedException)189 Node (javax.jcr.Node)80 Test (org.junit.Test)68 Session (javax.jcr.Session)33 RepositoryException (javax.jcr.RepositoryException)23 Privilege (javax.jcr.security.Privilege)22 UserManager (org.apache.jackrabbit.api.security.user.UserManager)19 Workspace (javax.jcr.Workspace)18 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)15 ItemNotFoundException (javax.jcr.ItemNotFoundException)13 PathNotFoundException (javax.jcr.PathNotFoundException)13 Path (org.apache.jackrabbit.spi.Path)13 Principal (java.security.Principal)11 User (org.apache.jackrabbit.api.security.user.User)11 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)10 AccessControlManager (javax.jcr.security.AccessControlManager)9 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)9 Property (javax.jcr.Property)8 JackrabbitWorkspace (org.apache.jackrabbit.api.JackrabbitWorkspace)8 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)7