Search in sources :

Example 46 with AccessControlException

use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.

the class ACLTest method testMandatoryRestrictions.

@Test
public void testMandatoryRestrictions() throws Exception {
    RestrictionProvider rp = new TestRestrictionProvider("mandatory", Type.NAME, true);
    JackrabbitAccessControlList acl = createACL(TEST_PATH, new ArrayList(), namePathMapper, rp);
    try {
        acl.addEntry(testPrincipal, testPrivileges, false, Collections.<String, Value>emptyMap());
        fail("Mandatory restriction must be enforced.");
    } catch (AccessControlException e) {
    // mandatory restriction missing -> success
    }
}
Also used : RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) AbstractRestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.AbstractRestrictionProvider) ArrayList(java.util.ArrayList) AccessControlException(javax.jcr.security.AccessControlException) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Test(org.junit.Test)

Example 47 with AccessControlException

use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.

the class ACLTest method testUnsupportedRestrictions2.

@Test
public void testUnsupportedRestrictions2() throws Exception {
    RestrictionProvider rp = new TestRestrictionProvider("restr", Type.NAME, false);
    JackrabbitAccessControlList acl = createACL(TEST_PATH, new ArrayList(), namePathMapper, rp);
    try {
        acl.addEntry(testPrincipal, testPrivileges, false, Collections.<String, Value>singletonMap("unsupported", getValueFactory().createValue("value")));
        fail("Unsupported restriction must be detected.");
    } catch (AccessControlException e) {
    // mandatory restriction missing -> success
    }
}
Also used : RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) AbstractRestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.AbstractRestrictionProvider) ArrayList(java.util.ArrayList) AccessControlException(javax.jcr.security.AccessControlException) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Test(org.junit.Test)

Example 48 with AccessControlException

use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testRemoveInvalidPolicy.

@Test
public void testRemoveInvalidPolicy() throws Exception {
    ACL acl = setupPolicy(testPath);
    try {
        acMgr.removePolicy(testPath, new TestACL(testPath, getRestrictionProvider(), getNamePathMapper()));
        fail("Invalid policy -> removal must fail");
    } catch (AccessControlException e) {
    // success
    }
    ACL repoAcl = setupPolicy(null);
    try {
        acMgr.removePolicy(testPath, repoAcl);
        fail("Setting invalid policy must fail");
    } catch (AccessControlException e) {
    // success
    }
    try {
        acMgr.removePolicy(null, acl);
        fail("Setting invalid policy must fail");
    } catch (AccessControlException e) {
    // success
    }
}
Also used : TestACL(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL) AccessControlException(javax.jcr.security.AccessControlException) TestACL(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 49 with AccessControlException

use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testSetPolicyAcContent.

@Test
public void testSetPolicyAcContent() throws Exception {
    for (String acPath : getAcContentPaths()) {
        try {
            AccessControlPolicy acl = createPolicy(acPath);
            acMgr.setPolicy(acPath, acl);
            fail("Setting access control policy to access control content should fail");
        } catch (AccessControlException e) {
        // success
        }
    }
}
Also used : JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlException(javax.jcr.security.AccessControlException) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 50 with AccessControlException

use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testGetApplicablePoliciesInvalidPrincipal.

@Test
public void testGetApplicablePoliciesInvalidPrincipal() throws Exception {
    Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
    int i = 0;
    while (unknown != null) {
        unknown = getPrincipalManager(root).getPrincipal("unknown" + i);
    }
    unknown = new InvalidTestPrincipal("unknown" + i);
    try {
        acMgr.getApplicablePolicies(unknown);
        fail("Unknown principal should be detected.");
    } catch (AccessControlException e) {
    // success
    }
}
Also used : AccessControlException(javax.jcr.security.AccessControlException) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Aggregations

AccessControlException (javax.jcr.security.AccessControlException)86 Test (org.junit.Test)32 Privilege (javax.jcr.security.Privilege)20 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)19 Principal (java.security.Principal)17 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)11 Tree (org.apache.jackrabbit.oak.api.Tree)11 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)9 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)8 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)8 RepositoryException (javax.jcr.RepositoryException)6 Value (javax.jcr.Value)6 TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)6 Restriction (org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)6 NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)6 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)6 AccessControlEntry (javax.jcr.security.AccessControlEntry)5 AccessControlList (javax.jcr.security.AccessControlList)5 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)5 PrivilegeManager (org.apache.jackrabbit.api.security.authorization.PrivilegeManager)4