use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class NodeDelegate method unlock.
public void unlock() throws RepositoryException {
String path = getPath();
Root root = sessionDelegate.getContentSession().getLatestRoot();
Tree tree = root.getTree(path);
if (!tree.exists()) {
throw new ItemNotFoundException("Node " + path + " does not exist");
} else if (!isNodeType(tree, MIX_LOCKABLE, root)) {
throw new LockException("Node " + path + " is not lockable");
} else if (!tree.hasProperty(JCR_LOCKISDEEP)) {
throw new LockException("Node " + path + " is not locked");
}
try {
tree.removeProperty(JCR_LOCKISDEEP);
tree.removeProperty(JCR_LOCKOWNER);
sessionDelegate.commit(root);
} catch (CommitFailedException e) {
if (e.isAccessViolation()) {
throw new AccessControlException("Access denied to unlock node " + path, e);
} else {
throw new RepositoryException("Unable to unlock node " + path, e);
}
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class NodeDelegate method lock.
public void lock(boolean isDeep) throws RepositoryException {
String path = getPath();
Root root = sessionDelegate.getContentSession().getLatestRoot();
Tree tree = root.getTree(path);
if (!tree.exists()) {
throw new ItemNotFoundException("Node " + path + " does not exist");
} else if (!isNodeType(tree, MIX_LOCKABLE, root)) {
throw new LockException("Node " + path + " is not lockable");
} else if (tree.hasProperty(JCR_LOCKISDEEP)) {
throw new LockException("Node " + path + " is already locked");
}
// look for locked ancestor
Tree inheritedLock = findLock(tree, true);
if (inheritedLock != null) {
throw new LockException("Node already indirectly locked by " + inheritedLock.getPath());
}
// scan for locked descendant
if (isDeep) {
Tree descendantLock = findDescendantLock(tree);
if (descendantLock != null) {
throw new LockException("Lock conflicts with lock hold by " + descendantLock.getPath());
}
}
try {
String owner = sessionDelegate.getAuthInfo().getUserID();
if (owner == null) {
owner = "";
}
tree.setProperty(JCR_LOCKISDEEP, isDeep);
tree.setProperty(JCR_LOCKOWNER, owner);
sessionDelegate.commit(root);
} catch (CommitFailedException e) {
if (e.isAccessViolation()) {
throw new AccessControlException("Access denied to lock node " + path, e);
} else {
throw new RepositoryException("Unable to lock node " + path, e);
}
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testSetInvalidPolicy.
@Test
public void testSetInvalidPolicy() throws Exception {
try {
acMgr.setPolicy(testPath, new TestACL(testPath, getRestrictionProvider(), getNamePathMapper()));
fail("Setting invalid policy must fail");
} catch (AccessControlException e) {
// success
}
ACL acl = setupPolicy(testPath);
try {
acMgr.setPolicy(testPath, new TestACL(testPath, getRestrictionProvider(), getNamePathMapper()));
fail("Setting invalid policy must fail");
} catch (AccessControlException e) {
// success
}
ACL repoAcl = setupPolicy(null);
try {
acMgr.setPolicy(testPath, repoAcl);
fail("Setting invalid policy must fail");
} catch (AccessControlException e) {
// success
}
try {
acMgr.setPolicy(null, acl);
fail("Setting invalid policy must fail");
} catch (AccessControlException e) {
// success
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testSetPolicyAtDifferentPath.
@Test
public void testSetPolicyAtDifferentPath() throws Exception {
try {
ACL acl = getApplicablePolicy(testPath);
acMgr.setPolicy("/", acl);
fail("Setting access control policy at a different node path must fail");
} catch (AccessControlException e) {
// success
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testRemovePolicyAcContent.
@Test
public void testRemovePolicyAcContent() throws Exception {
for (String acPath : getAcContentPaths()) {
try {
AccessControlPolicy acl = createPolicy(acPath);
acMgr.removePolicy(acPath, acl);
fail("Removing access control policy to access control content should fail");
} catch (AccessControlException e) {
// success
}
}
}
Aggregations