Examples with AccessControlEntry javax.jcr.security.AccessControlEntry used on opensource projects

Search in sources :

Example 51 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class UserImporterTest method testAccessControlActionExecutionForUser.

public void testAccessControlActionExecutionForUser() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.setUserPrivilegeNames(Privilege.JCR_ALL);
    umgr.setAuthorizableActions(new AuthorizableAction[] { a1 });
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "</sv:node>";
    NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
    try {
        doImport(target, xml);
        Authorizable a = umgr.getAuthorizable("t");
        assertNotNull(a);
        assertFalse(a.isGroup());
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
        assertNotNull(policies);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(1, aces.length);
        assertEquals("tPrincipal", aces[0].getPrincipal().getName());
    } finally {
        sImpl.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction) NodeImpl(org.apache.jackrabbit.core.NodeImpl) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry)

Example 52 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.

the class UserImportWithActionsTest method testAccessControlActionExecutionForUser.

@Test
public void testAccessControlActionExecutionForUser() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.USER_PRIVILEGE_NAMES, new String[] { Privilege.JCR_ALL }));
    setAuthorizableActions(a1);
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "</sv:node>";
    doImport(USERPATH, xml);
    Authorizable a = getUserManager().getAuthorizable("t");
    assertNotNull(a);
    assertFalse(a.isGroup());
    AccessControlManager acMgr = getImportSession().getAccessControlManager();
    AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
    assertNotNull(policies);
    assertEquals(1, policies.length);
    assertTrue(policies[0] instanceof AccessControlList);
    AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
    assertEquals(1, aces.length);
    assertEquals("tPrincipal", aces[0].getPrincipal().getName());
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry) Test(org.junit.Test)

Example 53 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.

the class UserImportWithActionsTest method testAccessControlActionExecutionForGroup.

@Test
public void testAccessControlActionExecutionForGroup() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.GROUP_PRIVILEGE_NAMES, new String[] { Privilege.JCR_READ }));
    setAuthorizableActions(a1);
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property>" + "</sv:node>";
    doImport(GROUPPATH, xml);
    Authorizable a = getUserManager().getAuthorizable("g");
    assertNotNull(a);
    assertTrue(a.isGroup());
    AccessControlManager acMgr = getImportSession().getAccessControlManager();
    AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
    assertNotNull(policies);
    assertEquals(1, policies.length);
    assertTrue(policies[0] instanceof AccessControlList);
    AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
    assertEquals(1, aces.length);
    assertEquals("gPrincipal", aces[0].getPrincipal().getName());
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry) Test(org.junit.Test)

Example 54 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.

the class UserImportWithActionsTest method testAccessControlActionExecutionForUser2.

@Test
public void testAccessControlActionExecutionForUser2() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.USER_PRIVILEGE_NAMES, new String[] { Privilege.JCR_ALL }));
    setAuthorizableActions(a1);
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "</sv:node>";
    doImport(USERPATH, xml);
    Authorizable a = getUserManager().getAuthorizable("t");
    assertNotNull(a);
    assertFalse(a.isGroup());
    AccessControlManager acMgr = getImportSession().getAccessControlManager();
    AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
    assertNotNull(policies);
    assertEquals(1, policies.length);
    assertTrue(policies[0] instanceof AccessControlList);
    AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
    assertEquals(1, aces.length);
    assertEquals("tPrincipal", aces[0].getPrincipal().getName());
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry) Test(org.junit.Test)

Example 55 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.

the class InheritanceTest method testReorderGroupPermissions.

@Test
public void testReorderGroupPermissions() throws Exception {
    /* add privileges for the Group the test-user is member of */
    deny(path, testGroup.getPrincipal(), modPropPrivileges);
    allow(path, group2.getPrincipal(), modPropPrivileges);
    /*
         testuser must get the permissions/privileges inherited from
         the group it is member of.
         granting permissions for group2 must be effective
        */
    String actions = getActions(Session.ACTION_SET_PROPERTY, Session.ACTION_READ);
    assertTrue(testSession.hasPermission(path, actions));
    Privilege[] privs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
    assertTrue(testAcMgr.hasPrivileges(path, privs));
    // reorder the ACEs
    AccessControlEntry srcEntry = null;
    AccessControlEntry destEntry = null;
    JackrabbitAccessControlList acl = (JackrabbitAccessControlList) acMgr.getPolicies(path)[0];
    for (AccessControlEntry entry : acl.getAccessControlEntries()) {
        Principal princ = entry.getPrincipal();
        if (testGroup.getPrincipal().equals(princ)) {
            destEntry = entry;
        } else if (group2.getPrincipal().equals(princ)) {
            srcEntry = entry;
        }
    }
    acl.orderBefore(srcEntry, destEntry);
    acMgr.setPolicy(path, acl);
    superuser.save();
    testSession.refresh(false);
    /* after reordering the permissions must be denied */
    assertFalse(testSession.hasPermission(path, actions));
    assertFalse(testAcMgr.hasPrivileges(path, privs));
}
Also used : AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Aggregations

AccessControlEntry (javax.jcr.security.AccessControlEntry)126 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)50 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)50 Privilege (javax.jcr.security.Privilege)47 AccessControlManager (javax.jcr.security.AccessControlManager)39 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39 AccessControlList (javax.jcr.security.AccessControlList)38 Test (org.junit.Test)29 Principal (java.security.Principal)28 NodeImpl (org.apache.jackrabbit.core.NodeImpl)13 ArrayList (java.util.ArrayList)12 Node (javax.jcr.Node)12 Value (javax.jcr.Value)10 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)9 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)9 ByteArrayInputStream (java.io.ByteArrayInputStream)8 InputStream (java.io.InputStream)8 RepositoryException (javax.jcr.RepositoryException)8 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)8 ParsingContentHandler (org.apache.jackrabbit.commons.xml.ParsingContentHandler)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial