Examples with AccessControlList javax.jcr.security.AccessControlList used on opensource projects

Example 56 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.

the class CugEvaluationTest method testHasAllPrivileges2.

@Test
public void testHasAllPrivileges2() throws Exception {
    AccessControlManager acMgr = getAccessControlManager(root);
    AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/content/a");
    acl.addAccessControlEntry(testGroupPrincipal, privilegesFromNames(PrivilegeConstants.JCR_ALL));
    acMgr.setPolicy("/content/a", acl);
    root.commit();
    // testGroup
    PermissionProvider pp = createPermissionProvider(testGroupPrincipal);
    assertFalse(pp.hasPrivileges(root.getTree("/content"), PrivilegeConstants.JCR_ALL));
    assertTrue(pp.hasPrivileges(root.getTree("/content/a"), PrivilegeConstants.JCR_ALL));
    assertTrue(pp.hasPrivileges(root.getTree("/content/a/b"), PrivilegeConstants.JCR_ALL));
    assertFalse(pp.hasPrivileges(root.getTree("/content/a/b/c"), PrivilegeConstants.JCR_ALL));
}

Example 57 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.

the class AdminPrincipalsBaseTest method before.

@Override
public void before() throws Exception {
    super.before();
    NodeUtil rootNode = new NodeUtil(root.getTree("/"), NamePathMapper.DEFAULT);
    rootNode.addChild("testNode", JcrConstants.NT_UNSTRUCTURED);
    administrativePrincipal = getUserManager(root).createGroup(new PrincipalImpl(ADMINISTRATORS_PRINCIPAL_NAME)).getPrincipal();
    root.commit();
    AccessControlManager acMgr = getAccessControlManager(root);
    AccessControlPolicyIterator itr = acMgr.getApplicablePolicies("/testNode");
    while (itr.hasNext() && acl == null) {
        AccessControlPolicy policy = itr.nextAccessControlPolicy();
        if (policy instanceof AccessControlList) {
            acl = (AccessControlList) policy;
        }
    }
    if (acl == null) {
        throw new RepositoryException("No applicable policy found.");
    }
}

Example 58 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testGetEffectiveModifiedPolicy.

@Test
public void testGetEffectiveModifiedPolicy() throws Exception {
    ACL acl = setupPolicy(testPath);
    AccessControlEntry[] aces = acl.getAccessControlEntries();
    root.commit();
    acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.JCR_VERSION_MANAGEMENT));
    acMgr.setPolicy(testPath, acl);
    AccessControlPolicy[] policies = acMgr.getEffectivePolicies(testPath);
    assertNotNull(policies);
    assertEquals(1, policies.length);
    assertTrue(policies[0] instanceof AccessControlList);
    AccessControlEntry[] effectiveAces = ((AccessControlList) policies[0]).getAccessControlEntries();
    assertArrayEquals(aces, effectiveAces);
    assertFalse(Arrays.equals(effectiveAces, acl.getAccessControlEntries()));
}

Example 59 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.

the class VersionTreePermissionTest method before.

@Override
public void before() throws Exception {
    super.before();
    NodeUtil testNode = new NodeUtil(root.getTree("/")).addChild("test", NT_OAK_UNSTRUCTURED);
    testNode.addChild("a", NT_OAK_UNSTRUCTURED).addChild("b", NT_OAK_UNSTRUCTURED).addChild("c", NT_OAK_UNSTRUCTURED);
    TreeUtil.addMixin(testNode.getTree(), MIX_VERSIONABLE, root.getTree(NODE_TYPES_PATH), null);
    AccessControlManager acMgr = getAccessControlManager(root);
    AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
    acl.addAccessControlEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ));
    acMgr.setPolicy("/test", acl);
    root.commit();
    // create a structure in the version storage
    testNode.setBoolean(JCR_ISCHECKEDOUT, false);
    root.commit();
    testNode.setBoolean(JCR_ISCHECKEDOUT, true);
    root.commit();
    testTree = testNode.getTree();
    vMgr = ReadOnlyVersionManager.getInstance(root, NamePathMapper.DEFAULT);
    pp = getConfig(AuthorizationConfiguration.class).getPermissionProvider(root, root.getContentSession().getWorkspaceName(), ImmutableSet.<Principal>of(EveryonePrincipal.getInstance()));
    assertTrue(pp instanceof PermissionProviderImpl);
    vpField = VersionTreePermission.class.getDeclaredField("versionablePermission");
    vpField.setAccessible(true);
    Class cls = Class.forName(CompiledPermissionImpl.class.getName() + "$TreePermissionImpl");
    tpImplTree = cls.getDeclaredField("tree");
    tpImplTree.setAccessible(true);
}

Example 60 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit-oak by apache.

the class L6_AccessControlContentTest method testRepoPolicy.

public void testRepoPolicy() throws RepositoryException {
    AccessControlList repoAcl = AccessControlUtils.getAccessControlList(acMgr, null);
    assertNotNull(repoAcl);
    repoAcl.addAccessControlEntry(testPrincipal, AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_NAMESPACE_MANAGEMENT));
    acMgr.setPolicy(null, repoAcl);
    // EXERCISE retrieve the policy node and verify the expected name, primary type and child items
    String policyPath = null;
    Node aclNode = superuser.getNode(policyPath);
    String expectedName = null;
    assertEquals(expectedName, aclNode.getName());
    String expectedPrimaryTypeName = null;
    assertEquals(expectedPrimaryTypeName, aclNode.getPrimaryNodeType().getName());
    NodeIterator aclChildren = aclNode.getNodes();
// EXERCISE verify the correct number + expected nature of the children.
// EXERCISE: can you also identify which mixins are being involved and where they got applied?
}