Examples with AccessDeniedException javax.jcr.AccessDeniedException used on opensource projects

Search in sources :

Example 26 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit by apache.

the class AbstractRepositoryOperationTest method testUnregisterNamespace.

public void testUnregisterNamespace() throws Exception {
    assertDefaultPrivileges(NameConstants.JCR_NAMESPACE_MANAGEMENT);
    assertPermission(Permission.NAMESPACE_MNGMT, false);
    Workspace wsp = superuser.getWorkspace();
    String pfx = getNewNamespacePrefix(wsp);
    wsp.getNamespaceRegistry().registerNamespace(pfx, getNewNamespaceURI(wsp));
    try {
        Workspace testWsp = getTestWorkspace();
        testWsp.getNamespaceRegistry().unregisterNamespace(pfx);
        fail("Namespace unregistration should be denied.");
    } catch (AccessDeniedException e) {
    // success
    } finally {
        // clean up (not supported by jackrabbit-core)
        try {
            superuser.getWorkspace().getNamespaceRegistry().unregisterNamespace(pfx);
        } catch (Exception e) {
        // ns unregistration is not supported by jackrabbit-core.
        }
    }
}
Also used : AccessDeniedException(javax.jcr.AccessDeniedException) AccessDeniedException(javax.jcr.AccessDeniedException) RepositoryException(javax.jcr.RepositoryException) UnsupportedRepositoryOperationException(javax.jcr.UnsupportedRepositoryOperationException) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) Workspace(javax.jcr.Workspace)

Example 27 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit by apache.

the class AbstractRepositoryOperationTest method testWorkspaceCreation.

public void testWorkspaceCreation() throws Exception {
    assertDefaultPrivileges(NameConstants.JCR_WORKSPACE_MANAGEMENT);
    String wspName = getNewWorkspaceName(superuser.getWorkspace());
    try {
        getTestWorkspace().createWorkspace(wspName);
        fail("Workspace creation should be denied.");
    } catch (AccessDeniedException e) {
    // success
    }
    wspName = getNewWorkspaceName(superuser.getWorkspace());
    try {
        Workspace wsp = getTestWorkspace();
        wsp.createWorkspace(wspName, wsp.getName());
        fail("Workspace creation should be denied.");
    } catch (AccessDeniedException e) {
    // success
    }
}
Also used : AccessDeniedException(javax.jcr.AccessDeniedException) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) Workspace(javax.jcr.Workspace)

Example 28 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit by apache.

the class AbstractRepositoryOperationTest method testRegisterNamespace.

public void testRegisterNamespace() throws Exception {
    assertDefaultPrivileges(NameConstants.JCR_NAMESPACE_MANAGEMENT);
    assertPermission(Permission.NODE_TYPE_DEF_MNGMT, false);
    try {
        Workspace testWsp = getTestWorkspace();
        testWsp.getNamespaceRegistry().registerNamespace(getNewNamespacePrefix(testWsp), getNewNamespaceURI(testWsp));
        fail("Namespace registration should be denied.");
    } catch (AccessDeniedException e) {
    // success
    }
}
Also used : AccessDeniedException(javax.jcr.AccessDeniedException) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) Workspace(javax.jcr.Workspace)

Example 29 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit by apache.

the class AbstractWriteTest method testAccessControlRead.

public void testAccessControlRead() throws NotExecutableException, RepositoryException {
    AccessControlManager testAcMgr = getTestACManager();
    checkReadOnly(path);
    // re-grant READ in order to have an ACL-node
    Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
    JackrabbitAccessControlList tmpl = givePrivileges(path, privileges, getRestrictions(superuser, path));
    // make sure the 'rep:policy' node has been created.
    assertTrue(superuser.itemExists(tmpl.getPath() + "/rep:policy"));
    Session testSession = getTestSession();
    /*
         Testuser must still have READ-only access only and must not be
         allowed to view the acl-node that has been created.
        */
    assertFalse(testAcMgr.hasPrivileges(path, privilegesFromName(Privilege.JCR_READ_ACCESS_CONTROL)));
    assertFalse(testSession.itemExists(path + "/rep:policy"));
    Node n = testSession.getNode(tmpl.getPath());
    assertFalse(n.hasNode("rep:policy"));
    try {
        n.getNode("rep:policy");
        fail("Accessing the rep:policy node must throw PathNotFoundException.");
    } catch (PathNotFoundException e) {
    // ok.
    }
    /* Finally the test user must not be allowed to remove the policy. */
    try {
        testAcMgr.removePolicy(path, new AccessControlPolicy() {
        });
        fail("Test user must not be allowed to remove the access control policy.");
    } catch (AccessDeniedException e) {
    // success
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessDeniedException(javax.jcr.AccessDeniedException) JackrabbitNode(org.apache.jackrabbit.api.JackrabbitNode) Node(javax.jcr.Node) PathNotFoundException(javax.jcr.PathNotFoundException) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Session(javax.jcr.Session)

Example 30 with AccessDeniedException

use of javax.jcr.AccessDeniedException in project jackrabbit by apache.

the class AbstractWriteTest method testAccessControlModification.

public void testAccessControlModification() throws RepositoryException, NotExecutableException {
    AccessControlManager testAcMgr = getTestACManager();
    /* precondition:
          testuser must have READ-only permission on test-node and below
        */
    checkReadOnly(path);
    Session testSession = getTestSession();
    // give 'testUser' ADD_CHILD_NODES|MODIFY_PROPERTIES| REMOVE_CHILD_NODES privileges at 'path'
    Privilege[] privileges = privilegesFromNames(new String[] { Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_CHILD_NODES, Privilege.JCR_MODIFY_PROPERTIES });
    JackrabbitAccessControlList tmpl = givePrivileges(path, privileges, getRestrictions(superuser, path));
    /*
         testuser must not have
         - permission to view AC items
         - permission to modify AC items
        */
    // make sure the 'rep:policy' node has been created.
    assertTrue(superuser.itemExists(tmpl.getPath() + "/rep:policy"));
    // the policy node however must not be visible to the test-user
    assertFalse(testSession.itemExists(tmpl.getPath() + "/rep:policy"));
    try {
        testAcMgr.getPolicies(tmpl.getPath());
        fail("test user must not have READ_AC privilege.");
    } catch (AccessDeniedException e) {
    // success
    }
    try {
        testAcMgr.getEffectivePolicies(tmpl.getPath());
        fail("test user must not have READ_AC privilege.");
    } catch (AccessDeniedException e) {
    // success
    }
    try {
        testAcMgr.getEffectivePolicies(path);
        fail("test user must not have READ_AC privilege.");
    } catch (AccessDeniedException e) {
    // success
    }
    try {
        testAcMgr.removePolicy(tmpl.getPath(), new AccessControlPolicy() {
        });
        fail("test user must not have MODIFY_AC privilege.");
    } catch (AccessDeniedException e) {
    // success
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessDeniedException(javax.jcr.AccessDeniedException) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Session(javax.jcr.Session)

Aggregations

AccessDeniedException (javax.jcr.AccessDeniedException)189 Node (javax.jcr.Node)80 Test (org.junit.Test)68 Session (javax.jcr.Session)33 RepositoryException (javax.jcr.RepositoryException)23 Privilege (javax.jcr.security.Privilege)22 UserManager (org.apache.jackrabbit.api.security.user.UserManager)19 Workspace (javax.jcr.Workspace)18 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)15 ItemNotFoundException (javax.jcr.ItemNotFoundException)13 PathNotFoundException (javax.jcr.PathNotFoundException)13 Path (org.apache.jackrabbit.spi.Path)13 Principal (java.security.Principal)11 User (org.apache.jackrabbit.api.security.user.User)11 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)10 AccessControlManager (javax.jcr.security.AccessControlManager)9 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)9 Property (javax.jcr.Property)8 JackrabbitWorkspace (org.apache.jackrabbit.api.JackrabbitWorkspace)8 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial