Examples with AccessControlEntry javax.jcr.security.AccessControlEntry used on opensource projects

Example 46 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class JsonDiffHandlerImportTest method assertPolicy.

private static void assertPolicy(AccessControlManager acMgr, Node targetNode, int noACEs) throws RepositoryException {
    AccessControlPolicy[] policies = acMgr.getPolicies(targetNode.getPath());
    assertEquals(policies.length, 1);
    AccessControlPolicy acl = policies[0];
    assertTrue(acl instanceof JackrabbitAccessControlList);
    AccessControlEntry[] entries = ((JackrabbitAccessControlList) acl).getAccessControlEntries();
    assertEquals(noACEs, entries.length);
}

Example 47 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class JsonDiffHandlerImportTest method testUpdatePolicyNode.

/**
     * Test adding 'rep:policy' policy node as a child node of /testroot without
     * intermediate node.
     */
public void testUpdatePolicyNode() throws Exception {
    try {
        AccessControlUtils.addAccessControlEntry(superuser, testRoot, EveryonePrincipal.getInstance(), new String[] { Privilege.JCR_READ }, false);
        JsonDiffHandler handler = new JsonDiffHandler(superuser, testRoot, null);
        new DiffParser(handler).parse(JSOP_POLICY_TREE);
        assertTrue(testRootNode.hasNode("rep:policy"));
        assertTrue(testRootNode.getNode("rep:policy").getDefinition().isProtected());
        assertTrue(testRootNode.getNode("rep:policy").getPrimaryNodeType().getName().equals("rep:ACL"));
        assertPolicy(acMgr, testRootNode, 1);
        AccessControlEntry entry = ((AccessControlList) acMgr.getPolicies(testRoot)[0]).getAccessControlEntries()[0];
        assertEquals(EveryonePrincipal.NAME, entry.getPrincipal().getName());
        assertEquals(1, entry.getPrivileges().length);
        assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
        if (entry instanceof JackrabbitAccessControlEntry) {
            assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
        }
    } finally {
        superuser.refresh(false);
    }
}

Example 48 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AccessControlListImpl method addEntry.

@Override
public boolean addEntry(Principal principal, Privilege[] privileges, boolean isAllow, Map<String, Value> restrictions, Map<String, Value[]> mvRestrictions) throws AccessControlException, RepositoryException {
    // create entry to be added
    Map<Name, QValue> rs = createRestrictions(restrictions);
    Map<Name, Iterable<QValue>> mvRs = createMvRestrictions(mvRestrictions);
    AccessControlEntry entry = createEntry(principal, privileges, isAllow, rs, mvRs);
    return entries.add(entry);
}

Example 49 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class UnmodifiableAccessControlList method hashCode.

//-------------------------------------------------------------< Object >---
/**
     * @see Object#hashCode()
     */
@Override
public int hashCode() {
    if (hashCode == 0) {
        int result = 17;
        result = 37 * result + (path != null ? path.hashCode() : 0);
        for (AccessControlEntry entry : accessControlEntries) {
            result = 37 * result + entry.hashCode();
        }
        for (String restrictionName : restrictions.keySet()) {
            result = 37 * (restrictionName + "." + restrictions.get(restrictionName)).hashCode();
        }
        hashCode = result;
    }
    return hashCode;
}

Example 50 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class ACLEditor method setPolicy.

/**
     * @see AccessControlEditor#setPolicy(String,AccessControlPolicy)
     */
public void setPolicy(String nodePath, AccessControlPolicy policy) throws RepositoryException {
    checkProtectsNode(nodePath);
    checkValidPolicy(nodePath, policy);
    NodeImpl aclNode = getAclNode(nodePath);
    if (aclNode != null) {
        // remove all existing aces
        for (NodeIterator aceNodes = aclNode.getNodes(); aceNodes.hasNext(); ) {
            NodeImpl aceNode = (NodeImpl) aceNodes.nextNode();
            removeItem(aceNode);
        }
    } else {
        // create the acl node
        aclNode = (nodePath == null) ? createRepoAclNode() : createAclNode(nodePath);
    }
    AccessControlEntry[] entries = ((ACLTemplate) policy).getAccessControlEntries();
    for (AccessControlEntry entry : entries) {
        AccessControlEntryImpl ace = (AccessControlEntryImpl) entry;
        Name nodeName = getUniqueNodeName(aclNode, ace.isAllow() ? "allow" : "deny");
        Name ntName = (ace.isAllow()) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
        ValueFactory vf = session.getValueFactory();
        // create the ACE node
        NodeImpl aceNode = addNode(aclNode, nodeName, ntName);
        // write the rep:principalName property
        String principalName = ace.getPrincipal().getName();
        setProperty(aceNode, P_PRINCIPAL_NAME, vf.createValue(principalName));
        // ... and the rep:privileges property
        Privilege[] pvlgs = ace.getPrivileges();
        Value[] names = getPrivilegeNames(pvlgs, vf);
        setProperty(aceNode, P_PRIVILEGES, names);
        // store the restrictions:
        Set<Name> restrNames = ace.getRestrictions().keySet();
        for (Name restrName : restrNames) {
            Value value = ace.getRestriction(restrName);
            setProperty(aceNode, restrName, value);
        }
    }
    // mark the parent modified.
    markModified(((NodeImpl) aclNode.getParent()));
}