use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListTest method tearDown.
protected void tearDown() throws Exception {
try {
// restore original entries (remove others).
AccessControlList list = getList(acMgr, path);
AccessControlEntry[] entries = list.getAccessControlEntries();
for (int i = 0; i < entries.length; i++) {
AccessControlEntry ace = entries[i];
if (testPrincipal.equals(ace.getPrincipal())) {
list.removeAccessControlEntry(ace);
}
}
if (!privilegesToRestore.isEmpty()) {
list.addAccessControlEntry(testPrincipal, (Privilege[]) privilegesToRestore.toArray(new Privilege[privilegesToRestore.size()]));
}
if (list.getAccessControlEntries().length > 0 && acMgr.getPolicies(path).length > 0) {
acMgr.setPolicy(path, list);
superuser.save();
}
} catch (Exception e) {
log.warn("Unexpected error while removing test entries.", e);
}
super.tearDown();
}
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListTest method testGetAccessControlEntries.
public void testGetAccessControlEntries() throws RepositoryException, AccessDeniedException, NotExecutableException {
checkCanReadAc(path);
AccessControlList acl = getList(acMgr, path);
// call must succeed.
AccessControlEntry[] entries = acl.getAccessControlEntries();
assertNotNull("AccessControlList#getAccessControlEntries must not return null.", entries);
for (int i = 0; i < entries.length; i++) {
assertNotNull("An ACE must contain a principal", entries[i].getPrincipal());
Privilege[] privs = entries[i].getPrivileges();
assertTrue("An ACE must contain at least a single privilege", privs != null && privs.length > 0);
}
}
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListTest method testAddAccessControlEntryAndSetPolicy.
public void testAddAccessControlEntryAndSetPolicy() throws RepositoryException, NotExecutableException {
checkCanModifyAc(path);
AccessControlList acl = getList(acMgr, path);
List<AccessControlEntry> originalAces = Arrays.asList(acl.getAccessControlEntries());
if (!acl.addAccessControlEntry(testPrincipal, privs)) {
throw new NotExecutableException();
}
// re-access ACL from AC-Manager -> must not yet have changed
assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", originalAces, Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
// setting the modified policy -> policy must change.
acMgr.setPolicy(path, acl);
assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", Arrays.asList(acl.getAccessControlEntries()), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
}
use of javax.jcr.security.AccessControlEntry in project jackrabbit by apache.
the class AccessControlListTest method testAddPrivilegesPresentInEntries.
public void testAddPrivilegesPresentInEntries() throws NotExecutableException, RepositoryException {
checkCanModifyAc(path);
AccessControlList acl = getList(acMgr, path);
acl.addAccessControlEntry(testPrincipal, privs);
Set<Privilege> assignedPrivs = new HashSet<Privilege>();
AccessControlEntry[] entries = acl.getAccessControlEntries();
for (int i = 0; i < entries.length; i++) {
if (entries[i].getPrincipal().equals(testPrincipal)) {
Privilege[] prvs = entries[i].getPrivileges();
for (int j = 0; j < prvs.length; j++) {
if (prvs[j].isAggregate()) {
assignedPrivs.addAll(Arrays.asList(prvs[j].getAggregatePrivileges()));
} else {
assignedPrivs.add(prvs[j]);
}
}
}
}
Set<Privilege> expected = new HashSet<Privilege>();
for (int i = 0; i < privs.length; i++) {
if (privs[i].isAggregate()) {
expected.addAll(Arrays.asList(privs[i].getAggregatePrivileges()));
} else {
expected.add(privs[i]);
}
}
assertTrue("getAccessControlEntries must contain an entry or entries that grant at least the added privileges.", assignedPrivs.containsAll(expected));
}
use of javax.jcr.security.AccessControlEntry in project jackrabbit-oak by apache.
the class AccessControlImporter method getACL.
@CheckForNull
private JackrabbitAccessControlList getACL(Tree tree) throws RepositoryException {
String nodeName = tree.getName();
JackrabbitAccessControlList acList = null;
if (!tree.isRoot()) {
Tree parent = tree.getParent();
if (AccessControlConstants.REP_POLICY.equals(nodeName) && ntMgr.isNodeType(tree, AccessControlConstants.NT_REP_ACL)) {
String path = parent.getPath();
acList = getACL(path);
} else if (AccessControlConstants.REP_REPO_POLICY.equals(nodeName) && ntMgr.isNodeType(tree, AccessControlConstants.NT_REP_ACL) && parent.isRoot()) {
acList = getACL((String) null);
}
}
if (acList != null) {
// clear all existing entries
for (AccessControlEntry ace : acList.getAccessControlEntries()) {
acList.removeAccessControlEntry(ace);
}
}
return acList;
}
Aggregations