Examples with AccessControlEntry javax.jcr.security.AccessControlEntry used on opensource projects

Example 81 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class EntriesCache method getEntries.

List<AccessControlEntry> getEntries(Collection<Principal> principals) throws RepositoryException {
    String key = getCacheKey(principals);
    List<AccessControlEntry> entries;
    synchronized (monitor) {
        entries = cache.get(key);
        if (entries == null) {
            // acNodes must be ordered in the same order as the principals
            // in order to obtain proper acl-evaluation in case the given
            // principal-set is ordered.
            entries = new ArrayList<AccessControlEntry>();
            // the acl-inheritance.
            for (Principal p : principals) {
                ACLTemplate acl = systemEditor.getACL(p);
                if (acl != null && !acl.isEmpty()) {
                    AccessControlEntry[] aces = acl.getAccessControlEntries();
                    entries.addAll(Arrays.asList(aces));
                }
            }
            cache.put(key, entries);
        }
    }
    return entries;
}

Example 82 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class ACLTemplate method internalGetEntries.

private List<Entry> internalGetEntries(Principal principal) {
    String principalName = principal.getName();
    List<Entry> entriesPerPrincipal = new ArrayList<Entry>(2);
    for (AccessControlEntry entry : entries) {
        if (principalName.equals(entry.getPrincipal().getName())) {
            entriesPerPrincipal.add((Entry) entry);
        }
    }
    return entriesPerPrincipal;
}

Example 83 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AccessControlImporterTest method testImportACLRemoveACE.

/**
     * Imports a resource-based ACL containing a single entry.
     *
     * @throws Exception
     */
public void testImportACLRemoveACE() throws Exception {
    try {
        NodeImpl target = (NodeImpl) testRootNode.addNode(nodeName1);
        target.addMixin("rep:AccessControllable");
        InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_3.getBytes("UTF-8"));
        SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ImportHandler ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        in = new ByteArrayInputStream(XML_POLICY_TREE_5.getBytes("UTF-8"));
        importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        String path = target.getPath();
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(path);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof JackrabbitAccessControlList);
        AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(1, entries.length);
        AccessControlEntry entry = entries[0];
        assertEquals("admin", entry.getPrincipal().getName());
        assertEquals(1, entry.getPrivileges().length);
        assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
        if (entry instanceof JackrabbitAccessControlEntry) {
            assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
        }
    } finally {
        superuser.refresh(false);
    }
}

Example 84 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AccessControlImporterTest method testImportACLOnly.

/**
     * Imports a resource-based ACL containing a single entry.
     *
     * @throws Exception
     */
public void testImportACLOnly() throws Exception {
    try {
        NodeImpl target = (NodeImpl) testRootNode.addNode(nodeName1);
        target.addMixin("rep:AccessControllable");
        InputStream in = new ByteArrayInputStream(XML_POLICY_TREE_3.getBytes("UTF-8"));
        SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ImportHandler ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        String path = target.getPath();
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(path);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof JackrabbitAccessControlList);
        AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(2, entries.length);
        AccessControlEntry entry = entries[0];
        assertEquals("everyone", entry.getPrincipal().getName());
        assertEquals(1, entry.getPrivileges().length);
        assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
        entry = entries[1];
        assertEquals("admin", entry.getPrincipal().getName());
        assertEquals(1, entry.getPrivileges().length);
        assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
        if (entry instanceof JackrabbitAccessControlEntry) {
            assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
        }
    } finally {
        superuser.refresh(false);
    }
}

Example 85 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AccessControlUtils method clear.

/**
     * Removes all ACL entries for a principal at a given absolute path. If the specified
     * {@code principalName} is {@code null} the policy will be removed altogether.
     * <p>Modifications only take effect upon {@code Session.save()}.</p>
     *
     * @param session The editing session.
     * @param absPath Absolute path of an existing node from which to remove ACL entries (or the policy)
     * @param principalName Name of the principal whose entries should be removed;
     * use {@code null} to clear the policy.
     * @return {@code true} if the policy has been modified; {@code false} otherwise.
     * @throws RepositoryException If an unexpected repository error occurs
     */
public static boolean clear(Session session, String absPath, String principalName) throws RepositoryException {
    AccessControlManager acm = session.getAccessControlManager();
    JackrabbitAccessControlList acl = null;
    // only clear if there is an existing acl (no need to retrieve applicable policies)
    AccessControlPolicy[] pcls = acm.getPolicies(absPath);
    for (AccessControlPolicy policy : pcls) {
        if (policy instanceof JackrabbitAccessControlList) {
            acl = (JackrabbitAccessControlList) policy;
        }
    }
    if (acl != null) {
        if (principalName == null) {
            acm.removePolicy(absPath, acl);
            return true;
        } else {
            Principal principal = getPrincipal(session, principalName);
            if (principal == null) {
                return false;
            }
            boolean removedEntries = false;
            // remove all existing entries for principal
            for (AccessControlEntry ace : acl.getAccessControlEntries()) {
                if (ace.getPrincipal().equals(principal)) {
                    acl.removeAccessControlEntry(ace);
                    removedEntries = true;
                }
            }
            if (removedEntries) {
                acm.setPolicy(absPath, acl);
                return true;
            }
        }
    }
    return false;
}