use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class L5_AccessControlListImplTest method testRemoveInvalidEntry.
public void testRemoveInvalidEntry() throws RepositoryException {
assertTrue(AccessControlUtils.addAccessControlEntry(superuser, testRoot, testPrincipal, testPrivileges, true));
// EXERCISE : walk through the removal and explain the expected behaviour.
try {
acl.removeAccessControlEntry(new JackrabbitAccessControlEntry() {
public boolean isAllow() {
return false;
}
public String[] getRestrictionNames() {
return new String[0];
}
public Value getRestriction(String restrictionName) {
return null;
}
public Value[] getRestrictions(String restrictionName) {
return null;
}
public Principal getPrincipal() {
return testPrincipal;
}
public Privilege[] getPrivileges() {
return testPrivileges;
}
});
fail("Passing an unknown ACE should fail");
} catch (AccessControlException e) {
// success
}
}
use of javax.jcr.security.AccessControlException in project APM by Cognifide.
the class JackrabbitAccessControlListUtil method getModifiableAcl.
public static JackrabbitAccessControlList getModifiableAcl(final AccessControlManager accessManager, final String path) throws RepositoryException {
final JackrabbitAccessControlList acl = getAccessControlList(accessManager, path);
if (null != acl) {
return acl;
}
final JackrabbitAccessControlList applicableAcl = getApplicableAccessControlList(accessManager, path);
if (null != applicableAcl) {
return applicableAcl;
}
throw new AccessControlException("No modifiable ACL at " + path);
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class AbstractRestrictionProvider method createRestriction.
@Nonnull
@Override
public Restriction createRestriction(String oakPath, @Nonnull String oakName, @Nonnull Value... values) throws RepositoryException {
RestrictionDefinition definition = getDefinition(oakPath, oakName);
Type<?> requiredType = definition.getRequiredType();
for (Value v : values) {
if (requiredType.tag() != PropertyType.UNDEFINED && requiredType.tag() != v.getType()) {
throw new AccessControlException("Unsupported restriction: Expected value of type " + requiredType);
}
}
PropertyState propertyState;
if (requiredType.isArray()) {
propertyState = PropertyStates.createProperty(oakName, Arrays.asList(values), requiredType.tag());
} else {
if (values.length != 1) {
throw new AccessControlException("Unsupported restriction: Expected single value.");
}
propertyState = PropertyStates.createProperty(oakName, values[0]);
}
return createRestriction(propertyState, definition);
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class L5_AccessControlListImplTest method testAddEntryWithInvalidPrincipals.
public void testAddEntryWithInvalidPrincipals() throws Exception {
// EXERCISE: explain for each principal in the list why using it for an ACE fails
List<Principal> invalidPrincipals = ImmutableList.of(new InvalidTestPrincipal("unknown"), null, new PrincipalImpl(""), new Principal() {
@Override
public String getName() {
return "unknown";
}
});
for (Principal principal : invalidPrincipals) {
try {
acl.addAccessControlEntry(principal, testPrivileges);
fail("Adding an ACE with an invalid principal should fail");
} catch (AccessControlException e) {
// success
}
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class AccessControlWorkspaceImporterTest method testImportRepoACLAtTestNode.
/**
* Make sure repo-level acl is not imported below any other node than the
* root node.
*
* @throws Exception
*/
public void testImportRepoACLAtTestNode() throws Exception {
try {
Node target = testRootNode.addNode("test");
target.addMixin("rep:RepoAccessControllable");
superuser.save();
doImport(target.getPath(), XML_REPO_POLICY_TREE);
fail("Importing repo policy to non-root node must fail");
} catch (AccessControlException e) {
// success
} finally {
superuser.refresh(false);
}
}
Aggregations