Example 96 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListTest method testRemoveAccessControlEntry.
public void testRemoveAccessControlEntry() throws NotExecutableException, RepositoryException {
checkCanModifyAc(path);
AccessControlList acl = getList(acMgr, path);
AccessControlEntry[] entries = acl.getAccessControlEntries();
if (entries.length > 0) {
AccessControlEntry ace = entries[0];
acl.removeAccessControlEntry(ace);
// retrieve entries again:
List<AccessControlEntry> remainingEntries = Arrays.asList(acl.getAccessControlEntries());
assertFalse("AccessControlList.getAccessControlEntries still returns a removed ACE.", remainingEntries.contains(ace));
}
}
Also used :
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Example 97 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListTest method testRemoveAddedAccessControlEntry.
public void testRemoveAddedAccessControlEntry() throws NotExecutableException, RepositoryException {
checkCanModifyAc(path);
AccessControlList acl = getList(acMgr, path);
acl.addAccessControlEntry(testPrincipal, privs);
AccessControlEntry[] aces = acl.getAccessControlEntries();
for (int i = 0; i < aces.length; i++) {
acl.removeAccessControlEntry(aces[i]);
}
assertEquals("After removing all ACEs the ACL must be empty", 0, acl.getAccessControlEntries().length);
}
Also used :
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Example 98 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlManagerImpl method setPolicy.
public void setPolicy(String absPath, AccessControlPolicy policy) throws RepositoryException {
checkValidNodePath(absPath);
checkValidPolicy(policy);
checkAcccessControlItem(absPath);
SetTree operation;
NodeState aclNode = getAclNode(absPath);
if (aclNode == null) {
// policy node doesn't exist at absPath -> create one.
Name name = (absPath == null) ? N_REPO_POLICY : N_POLICY;
NodeState parent = null;
Name mixinType = null;
if (absPath == null) {
parent = getRootNodeState();
mixinType = NT_REP_REPO_ACCESS_CONTROLLABLE;
} else {
parent = getNodeState(absPath);
mixinType = NT_REP_ACCESS_CONTROLLABLE;
}
setMixin(parent, mixinType);
operation = SetTree.create(itemStateMgr, parent, name, NT_REP_ACL, null);
aclNode = operation.getTreeState();
} else {
Iterator<NodeEntry> it = getNodeEntry(aclNode).getNodeEntries();
while (it.hasNext()) {
it.next().transientRemove();
}
operation = SetTree.create(aclNode);
}
// create the entry nodes
for (AccessControlEntry entry : ((AccessControlListImpl) policy).getAccessControlEntries()) {
createAceNode(operation, aclNode, entry);
}
itemStateMgr.execute(operation);
}
Also used :
NodeState(org.apache.jackrabbit.jcr2spi.state.NodeState)
NodeEntry(org.apache.jackrabbit.jcr2spi.hierarchy.NodeEntry)
SetTree(org.apache.jackrabbit.jcr2spi.operation.SetTree)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Name(org.apache.jackrabbit.spi.Name)
Example 99 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.
the class ACL method toString.
//-------------------------------------------------------------< Object >---
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("ACL: ").append(getPath()).append("; ACEs: ");
for (AccessControlEntry ace : entries) {
sb.append(ace.toString()).append(';');
}
return sb.toString();
}
Also used :
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Example 100 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListImplTest method testMultipleEntryEffect.
public void testMultipleEntryEffect() throws Exception {
JackrabbitAccessControlList acl = createAccessControList(testRoot);
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
// GRANT 'read' privilege to the Admin user -> list now contains one
// allow entry
assertTrue(acl.addAccessControlEntry(unknownPrincipal, privileges));
// policy contains a single entry
assertEquals(1, acl.size());
AccessControlEntry[] entries = acl.getAccessControlEntries();
// ... and the entry grants a single privilege
assertEquals(1, entries[0].getPrivileges().length);
assertEquals("jcr:read", entries[0].getPrivileges()[0].getName());
// GRANT 'add_child_node' privilege for the admin user -> same entry but
// with an additional 'add_child_node' privilege.
privileges = privilegesFromNames(new String[] { Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_READ });
assertTrue(acl.addAccessControlEntry(unknownPrincipal, privileges));
// A new Entry was added -> entries count should be 2.
assertEquals(2, acl.size());
// The single entry should now contain both 'read' and 'add_child_nodes'
// privileges for the same principal.
assertEquals(1, acl.getAccessControlEntries()[0].getPrivileges().length);
assertEquals(2, acl.getAccessControlEntries()[1].getPrivileges().length);
// adding a privilege that's already granted for the same principal ->
// again modified as the client doesn't care about possible compaction the
// server may want to make.
privileges = privilegesFromNames(new String[] { Privilege.JCR_READ });
assertTrue(acl.addAccessControlEntry(unknownPrincipal, privileges));
assertEquals(3, acl.size());
// revoke the read privilege
assertTrue("Fail to revoke read privilege", acl.addEntry(unknownPrincipal, privileges, false, createEmptyRestriction()));
// should now be 3 entries -> 2 allow entry + a deny entry
assertEquals(4, acl.size());
}
Also used :
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Privilege(javax.jcr.security.Privilege)
JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)
Aggregations
AccessControlEntry (javax.jcr.security.AccessControlEntry)126
JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)50
JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)50
Privilege (javax.jcr.security.Privilege)47
AccessControlManager (javax.jcr.security.AccessControlManager)39
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39
AccessControlList (javax.jcr.security.AccessControlList)38
Test (org.junit.Test)29
Principal (java.security.Principal)28
NodeImpl (org.apache.jackrabbit.core.NodeImpl)13
ArrayList (java.util.ArrayList)12
Node (javax.jcr.Node)12
Value (javax.jcr.Value)10
JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)9
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)9
ByteArrayInputStream (java.io.ByteArrayInputStream)8
InputStream (java.io.InputStream)8
RepositoryException (javax.jcr.RepositoryException)8
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)8
ParsingContentHandler (org.apache.jackrabbit.commons.xml.ParsingContentHandler)8
