Example 26 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class UserImporterTest method testAccessControlActionExecutionForGroup.
public void testAccessControlActionExecutionForGroup() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.setGroupPrivilegeNames(Privilege.JCR_READ);
umgr.setAuthorizableActions(new AuthorizableAction[] { a1 });
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property>" + "</sv:node>";
NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getGroupsPath());
try {
doImport(target, xml);
Authorizable a = umgr.getAuthorizable("g");
assertNotNull(a);
assertTrue(a.isGroup());
AccessControlManager acMgr = sImpl.getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("gPrincipal", aces[0].getPrincipal().getName());
} finally {
sImpl.refresh(false);
}
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Example 27 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class UserImporterTest method testAccessControlActionExecutionForUser2.
public void testAccessControlActionExecutionForUser2() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.setUserPrivilegeNames(Privilege.JCR_ALL);
umgr.setAuthorizableActions(new AuthorizableAction[] { a1 });
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "</sv:node>";
NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
try {
doImport(target, xml);
Authorizable a = umgr.getAuthorizable("t");
assertNotNull(a);
assertFalse(a.isGroup());
AccessControlManager acMgr = sImpl.getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("tPrincipal", aces[0].getPrincipal().getName());
} finally {
sImpl.refresh(false);
}
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Example 28 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.
the class ACLTest method testNewEntriesAppendedAtEnd.
@Test
public void testNewEntriesAppendedAtEnd() throws Exception {
Privilege[] readPriv = privilegesFromNames(JCR_READ);
Privilege[] writePriv = privilegesFromNames(JCR_WRITE);
acl.addEntry(testPrincipal, readPriv, true);
acl.addEntry(principalManager.getEveryone(), readPriv, true);
acl.addEntry(testPrincipal, writePriv, false);
AccessControlEntry[] entries = acl.getAccessControlEntries();
assertEquals(3, entries.length);
JackrabbitAccessControlEntry last = (JackrabbitAccessControlEntry) entries[2];
assertEquals(testPrincipal, last.getPrincipal());
assertACE(last, false, writePriv);
}
Also used :
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Privilege(javax.jcr.security.Privilege)
Test(org.junit.Test)
Example 29 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.
the class ACLTest method testComplementaryGroupEntry.
@Test
public void testComplementaryGroupEntry() throws Exception {
Privilege[] readPriv = privilegesFromNames(JCR_READ);
Privilege[] writePriv = privilegesFromNames(JCR_WRITE);
Principal everyone = principalManager.getEveryone();
acl.addEntry(testPrincipal, readPriv, true);
acl.addEntry(everyone, readPriv, true);
acl.addEntry(testPrincipal, writePriv, false);
acl.addEntry(everyone, writePriv, true);
// entry complementary to the first entry
// -> must remove the allow-READ entry and update the deny-WRITE entry.
acl.addEntry(testPrincipal, readPriv, false);
AccessControlEntry[] entries = acl.getAccessControlEntries();
assertEquals(2, entries.length);
JackrabbitAccessControlEntry first = (JackrabbitAccessControlEntry) entries[0];
assertEquals(everyone, first.getPrincipal());
JackrabbitAccessControlEntry second = (JackrabbitAccessControlEntry) entries[1];
assertEquals(testPrincipal, second.getPrincipal());
assertACE(second, false, privilegesFromNames(JCR_READ, JCR_WRITE));
}
Also used :
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Privilege(javax.jcr.security.Privilege)
Principal(java.security.Principal)
EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)
Test(org.junit.Test)
Example 30 with AccessControlEntry
use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.
the class ACLTest method testReorderToTheEnd.
@Test
public void testReorderToTheEnd() throws Exception {
Privilege[] read = privilegesFromNames(JCR_READ, JCR_READ_ACCESS_CONTROL);
Privilege[] write = privilegesFromNames(JCR_WRITE);
AbstractAccessControlList acl = createEmptyACL();
acl.addAccessControlEntry(testPrincipal, read);
acl.addEntry(testPrincipal, write, false);
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), write);
List<? extends JackrabbitAccessControlEntry> entries = acl.getEntries();
assertEquals(3, entries.size());
AccessControlEntry first = entries.get(0);
acl.orderBefore(first, null);
List<? extends JackrabbitAccessControlEntry> entriesAfter = acl.getEntries();
assertEquals(first, entriesAfter.get(2));
}
Also used :
AbstractAccessControlList(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlList)
JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Privilege(javax.jcr.security.Privilege)
Test(org.junit.Test)
Aggregations
AccessControlEntry (javax.jcr.security.AccessControlEntry)126
JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)50
JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)50
Privilege (javax.jcr.security.Privilege)47
AccessControlManager (javax.jcr.security.AccessControlManager)39
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39
AccessControlList (javax.jcr.security.AccessControlList)38
Test (org.junit.Test)29
Principal (java.security.Principal)28
NodeImpl (org.apache.jackrabbit.core.NodeImpl)13
ArrayList (java.util.ArrayList)12
Node (javax.jcr.Node)12
Value (javax.jcr.Value)10
JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)9
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)9
ByteArrayInputStream (java.io.ByteArrayInputStream)8
InputStream (java.io.InputStream)8
RepositoryException (javax.jcr.RepositoryException)8
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)8
ParsingContentHandler (org.apache.jackrabbit.commons.xml.ParsingContentHandler)8
