Example 1 with AccessControlList
use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.
the class UserImportWithActionsTest method testAccessControlActionExecutionForUser.
@Test
public void testAccessControlActionExecutionForUser() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.USER_PRIVILEGE_NAMES, new String[] { Privilege.JCR_ALL }));
setAuthorizableActions(a1);
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "</sv:node>";
doImport(USERPATH, xml);
Authorizable a = getUserManager().getAuthorizable("t");
assertNotNull(a);
assertFalse(a.isGroup());
AccessControlManager acMgr = getImportSession().getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("tPrincipal", aces[0].getPrincipal().getName());
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Test(org.junit.Test)
Example 2 with AccessControlList
use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.
the class UserImportWithActionsTest method testAccessControlActionExecutionForGroup.
@Test
public void testAccessControlActionExecutionForGroup() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.GROUP_PRIVILEGE_NAMES, new String[] { Privilege.JCR_READ }));
setAuthorizableActions(a1);
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property>" + "</sv:node>";
doImport(GROUPPATH, xml);
Authorizable a = getUserManager().getAuthorizable("g");
assertNotNull(a);
assertTrue(a.isGroup());
AccessControlManager acMgr = getImportSession().getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("gPrincipal", aces[0].getPrincipal().getName());
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Test(org.junit.Test)
Example 3 with AccessControlList
use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.
the class UserImportWithActionsTest method testAccessControlActionExecutionForUser2.
@Test
public void testAccessControlActionExecutionForUser2() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.USER_PRIVILEGE_NAMES, new String[] { Privilege.JCR_ALL }));
setAuthorizableActions(a1);
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "</sv:node>";
doImport(USERPATH, xml);
Authorizable a = getUserManager().getAuthorizable("t");
assertNotNull(a);
assertFalse(a.isGroup());
AccessControlManager acMgr = getImportSession().getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("tPrincipal", aces[0].getPrincipal().getName());
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Test(org.junit.Test)
Example 4 with AccessControlList
use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.
the class PrincipalACLTest method before.
@Override
@Before
public void before() throws Exception {
super.before();
JackrabbitAccessControlManager acMgr = getAccessControlManager(root);
AccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, TEST_PATH);
policy.addAccessControlEntry(testPrincipal, testPrivileges);
policy.addAccessControlEntry(EveryonePrincipal.getInstance(), testPrivileges);
acMgr.setPolicy(TEST_PATH, policy);
root.commit();
principalAcl = getPrincipalAcl(acMgr, testPrincipal);
}
Also used :
JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
Before(org.junit.Before)
Example 5 with AccessControlList
use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.
the class PolicyOwnerImplTest method before.
@Override
@Before
public void before() throws Exception {
super.before();
acMgr = new AccessControlManagerImpl(root, getNamePathMapper(), getSecurityProvider());
AccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, TEST_PATH);
policy.addAccessControlEntry(testPrincipal, testPrivileges);
acMgr.setPolicy(TEST_PATH, policy);
root.commit();
}
Also used :
AccessControlList(javax.jcr.security.AccessControlList)
Before(org.junit.Before)
Aggregations
AccessControlList (javax.jcr.security.AccessControlList)97
AccessControlEntry (javax.jcr.security.AccessControlEntry)49
AccessControlManager (javax.jcr.security.AccessControlManager)49
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39
Privilege (javax.jcr.security.Privilege)25
Node (javax.jcr.Node)17
RepositoryException (javax.jcr.RepositoryException)17
JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)17
AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)15
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)15
Test (org.junit.Test)13
Principal (java.security.Principal)12
AccessDeniedException (javax.jcr.AccessDeniedException)12
ArrayList (java.util.ArrayList)9
HashSet (java.util.HashSet)6
AccessControlException (javax.jcr.security.AccessControlException)6
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6
NodeImpl (org.apache.jackrabbit.core.NodeImpl)6
MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException)5
AccessControlException (java.security.AccessControlException)5
