use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class RSessionAccessControlPolicyTest method testSetInvalidPolicy.
public void testSetInvalidPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
try {
testAcMgr.setPolicy(path, new AccessControlPolicy() {
public String getName() throws RepositoryException {
return getClass().getName();
}
public String getDescription() throws RepositoryException {
return "";
}
});
fail("Invalid policy may not be set by a READ-only session.");
} catch (AccessControlException e) {
// success.
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class RSessionAccessControlPolicyTest method testSetPolicy.
public void testSetPolicy() throws RepositoryException, AccessDeniedException, NotExecutableException {
// retrieve valid policy using superuser session:
AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path);
if (!it.hasNext()) {
throw new NotExecutableException();
}
try {
testAcMgr.setPolicy(path, it.nextAccessControlPolicy());
fail("read only session may not modify AC content.");
} catch (AccessControlException e) {
// success.
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class AccessControlManagerImpl method checkAcccessControlItem.
/**
* Checks whether if the given nodePath points to an access
* control policy or entry node.
* @param nodePath
* @throws AccessControlException
* @throws RepositoryException
*/
private void checkAcccessControlItem(String nodePath) throws AccessControlException, RepositoryException {
NodeState controlledState = getNodeState(nodePath);
Name ntName = controlledState.getNodeTypeName();
boolean isAcItem = ntName.equals(NT_REP_ACL) || ntName.equals(NT_REP_GRANT_ACE) || ntName.equals(NT_REP_DENY_ACE);
if (isAcItem) {
throw new AccessControlException("The path: " + nodePath + " points to an access control content node");
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class AccessControlManagerImpl method removePolicy.
public void removePolicy(String absPath, AccessControlPolicy policy) throws RepositoryException {
checkValidNodePath(absPath);
checkValidPolicy(policy);
NodeState aclNode = getAclNode(absPath);
if (aclNode != null) {
removeNode(aclNode);
} else {
throw new AccessControlException("No policy exist at " + absPath);
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit-oak by apache.
the class CugAccessControlManager method removePolicy.
@Override
public void removePolicy(String absPath, AccessControlPolicy policy) throws RepositoryException {
String oakPath = getOakPath(absPath);
if (isSupportedPath(oakPath)) {
checkValidPolicy(absPath, policy);
Tree tree = getTree(oakPath, Permissions.MODIFY_ACCESS_CONTROL, true);
Tree cug = tree.getChild(REP_CUG_POLICY);
if (!CugUtil.definesCug(cug)) {
throw new AccessControlException("Unexpected primary type of node rep:cugPolicy.");
} else {
// remove the rep:CugMixin if it has been explicitly added upon setPolicy
Set<String> mixins = Sets.newHashSet(TreeUtil.getNames(tree, NodeTypeConstants.JCR_MIXINTYPES));
if (mixins.remove(MIX_REP_CUG_MIXIN)) {
tree.setProperty(JcrConstants.JCR_MIXINTYPES, mixins, NAMES);
} else {
log.debug("Cannot remove mixin type " + MIX_REP_CUG_MIXIN);
}
cug.remove();
}
} else {
throw new AccessControlException("Unsupported path: " + absPath);
}
}
Aggregations