Examples with AccessControlEntry javax.jcr.security.AccessControlEntry used on opensource projects

Search in sources :

Example 6 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AbstractEntryTest method testHashCode.

public void testHashCode() throws RepositoryException, NotExecutableException {
    Map<AccessControlEntry, AccessControlEntry> equivalent = new HashMap<AccessControlEntry, AccessControlEntry>();
    JackrabbitAccessControlEntry ace = createEntry(new String[] { Privilege.JCR_ALL }, true);
    // create same entry again
    equivalent.put(ace, createEntry(new String[] { Privilege.JCR_ALL }, true));
    // create entry with declared aggregate privileges
    Privilege[] declaredAllPrivs = acMgr.privilegeFromName(Privilege.JCR_ALL).getDeclaredAggregatePrivileges();
    equivalent.put(ace, createEntry(testPrincipal, declaredAllPrivs, true));
    // create entry with aggregate privileges
    Privilege[] aggregateAllPrivs = acMgr.privilegeFromName(Privilege.JCR_ALL).getAggregatePrivileges();
    equivalent.put(ace, createEntry(testPrincipal, aggregateAllPrivs, true));
    // create entry with different privilege order
    List<Privilege> reordered = new ArrayList<Privilege>(Arrays.asList(aggregateAllPrivs));
    reordered.add(reordered.remove(0));
    equivalent.put(createEntry(testPrincipal, reordered.toArray(new Privilege[reordered.size()]), true), createEntry(testPrincipal, aggregateAllPrivs, true));
    // even if entries are build with aggregated or declared aggregate privileges
    equivalent.put(createEntry(testPrincipal, declaredAllPrivs, true), createEntry(testPrincipal, aggregateAllPrivs, true));
    for (AccessControlEntry entry : equivalent.keySet()) {
        assertEquals(entry.hashCode(), equivalent.get(entry).hashCode());
    }
    // and the opposite:
    List<JackrabbitAccessControlEntry> otherAces = new ArrayList<JackrabbitAccessControlEntry>();
    try {
        // ACE template with different principal
        Principal princ = new Principal() {

            public String getName() {
                return "a name";
            }
        };
        Privilege[] privs = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_ALL) };
        otherAces.add(createEntry(princ, privs, true));
    } catch (RepositoryException e) {
    }
    // ACE template with different privileges
    try {
        otherAces.add(createEntry(new String[] { Privilege.JCR_READ }, true));
    } catch (RepositoryException e) {
    }
    // ACE template with different 'allow' flag
    try {
        otherAces.add(createEntry(new String[] { Privilege.JCR_ALL }, false));
    } catch (RepositoryException e) {
    }
    // ACE template with different privileges and 'allows
    try {
        otherAces.add(createEntry(new String[] { PrivilegeRegistry.REP_WRITE }, false));
    } catch (RepositoryException e) {
    }
    // other ace impl
    final Privilege[] privs = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_ALL) };
    JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {

        public boolean isAllow() {
            return true;
        }

        public String[] getRestrictionNames() {
            return new String[0];
        }

        public Value getRestriction(String restrictionName) {
            return null;
        }

        public Value[] getRestrictions(String restrictionName) throws RepositoryException {
            return null;
        }

        public Principal getPrincipal() {
            return testPrincipal;
        }

        public Privilege[] getPrivileges() {
            return privs;
        }
    };
    otherAces.add(pe);
    for (JackrabbitAccessControlEntry otherAce : otherAces) {
        assertFalse(ace.hashCode() == otherAce.hashCode());
    }
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) RepositoryException(javax.jcr.RepositoryException) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) Value(javax.jcr.Value) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal)

Example 7 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AbstractACLTemplateTest method testReorderInvalidElements.

public void testReorderInvalidElements() throws Exception {
    Privilege[] read = privilegesFromName(Privilege.JCR_READ);
    Privilege[] write = privilegesFromName(Privilege.JCR_WRITE);
    Principal p2 = getSecondPrincipal();
    AbstractACLTemplate acl = (AbstractACLTemplate) createEmptyTemplate(getTestPath());
    acl.addAccessControlEntry(testPrincipal, read);
    acl.addAccessControlEntry(p2, write);
    AbstractACLTemplate acl2 = (AbstractACLTemplate) createEmptyTemplate(getTestPath());
    acl2.addEntry(testPrincipal, write, false);
    AccessControlEntry invalid = acl2.getEntries().get(0);
    try {
        acl.orderBefore(invalid, acl.getEntries().get(0));
        fail("src entry not contained in list -> reorder should fail.");
    } catch (AccessControlException e) {
    // success
    }
    try {
        acl.orderBefore(acl.getEntries().get(0), invalid);
        fail("dest entry not contained in list -> reorder should fail.");
    } catch (AccessControlException e) {
    // success
    }
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlException(javax.jcr.security.AccessControlException) Privilege(javax.jcr.security.Privilege) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal)

Example 8 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AbstractACLTemplateTest method testReorder.

public void testReorder() throws Exception {
    Privilege[] read = privilegesFromName(Privilege.JCR_READ);
    Privilege[] write = privilegesFromName(Privilege.JCR_WRITE);
    Principal p2 = getSecondPrincipal();
    AbstractACLTemplate acl = (AbstractACLTemplate) createEmptyTemplate(getTestPath());
    acl.addAccessControlEntry(testPrincipal, read);
    acl.addEntry(testPrincipal, write, false);
    acl.addAccessControlEntry(p2, write);
    AccessControlEntry[] entries = acl.getAccessControlEntries();
    assertEquals(3, entries.length);
    AccessControlEntry aReadTP = entries[0];
    AccessControlEntry dWriteTP = entries[1];
    AccessControlEntry aWriteP2 = entries[2];
    // reorder aWriteP2 to the first position
    acl.orderBefore(aWriteP2, aReadTP);
    assertEquals(0, acl.getEntries().indexOf(aWriteP2));
    assertEquals(1, acl.getEntries().indexOf(aReadTP));
    assertEquals(2, acl.getEntries().indexOf(dWriteTP));
    // reorder aReadTP to the end of the list
    acl.orderBefore(aReadTP, null);
    assertEquals(0, acl.getEntries().indexOf(aWriteP2));
    assertEquals(1, acl.getEntries().indexOf(dWriteTP));
    assertEquals(2, acl.getEntries().indexOf(aReadTP));
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal)

Example 9 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AbstractACLTemplateTest method testEffect.

public void testEffect() throws RepositoryException, NotExecutableException {
    JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
    Privilege[] read = privilegesFromName(Privilege.JCR_READ);
    Privilege[] modProp = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
    pt.addAccessControlEntry(testPrincipal, read);
    // add deny entry for mod_props
    assertTrue(pt.addEntry(testPrincipal, modProp, false, null));
    // test net-effect
    PrivilegeBits allows = PrivilegeBits.getInstance();
    PrivilegeBits denies = PrivilegeBits.getInstance();
    AccessControlEntry[] entries = pt.getAccessControlEntries();
    for (AccessControlEntry ace : entries) {
        if (testPrincipal.equals(ace.getPrincipal()) && ace instanceof JackrabbitAccessControlEntry) {
            PrivilegeBits entryBits = privilegeMgr.getBits(ace.getPrivileges());
            if (((JackrabbitAccessControlEntry) ace).isAllow()) {
                allows.addDifference(entryBits, denies);
            } else {
                denies.addDifference(entryBits, allows);
            }
        }
    }
    assertEquals(privilegeMgr.getBits(read), allows);
    assertEquals(privilegeMgr.getBits(modProp), denies);
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 10 with AccessControlEntry

use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.

the class AccessControlImporterTest method testImportEmptyExistingPolicy.

/**
     * Imports an empty resource-based ACL for a policy that already exists.
     *
     * @throws Exception
     */
public void testImportEmptyExistingPolicy() throws Exception {
    NodeImpl target = (NodeImpl) testRootNode;
    target = (NodeImpl) target.addNode("test", "test:sameNameSibsFalseChildNodeDefinition");
    AccessControlManager acMgr = sImpl.getAccessControlManager();
    for (AccessControlPolicyIterator it = acMgr.getApplicablePolicies(target.getPath()); it.hasNext(); ) {
        AccessControlPolicy policy = it.nextAccessControlPolicy();
        if (policy instanceof AccessControlList) {
            acMgr.setPolicy(target.getPath(), policy);
        }
    }
    try {
        InputStream in = new ByteArrayInputStream(XML_POLICY_ONLY.getBytes("UTF-8"));
        SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_CREATE_NEW, new PseudoConfig());
        ImportHandler ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        AccessControlPolicy[] policies = acMgr.getPolicies(target.getPath());
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof JackrabbitAccessControlList);
        AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(0, entries.length);
    } finally {
        superuser.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NodeImpl(org.apache.jackrabbit.core.NodeImpl) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ParsingContentHandler(org.apache.jackrabbit.commons.xml.ParsingContentHandler) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) ByteArrayInputStream(java.io.ByteArrayInputStream)

Aggregations

AccessControlEntry (javax.jcr.security.AccessControlEntry)126 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)50 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)50 Privilege (javax.jcr.security.Privilege)47 AccessControlManager (javax.jcr.security.AccessControlManager)39 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39 AccessControlList (javax.jcr.security.AccessControlList)38 Test (org.junit.Test)29 Principal (java.security.Principal)28 NodeImpl (org.apache.jackrabbit.core.NodeImpl)13 ArrayList (java.util.ArrayList)12 Node (javax.jcr.Node)12 Value (javax.jcr.Value)10 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)9 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)9 ByteArrayInputStream (java.io.ByteArrayInputStream)8 InputStream (java.io.InputStream)8 RepositoryException (javax.jcr.RepositoryException)8 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)8 ParsingContentHandler (org.apache.jackrabbit.commons.xml.ParsingContentHandler)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial