
Example 86 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class AccessControlManagerImplTest method testRemovePolicyAfterASetPoliciesCall.

/**
 * This should be able to return the policies that have been transiently added
 * to the node at testRoot, as the getPolicies API specifies that the method should
 * take the transient changes into account.
 * @throws Exception
 */
public void testRemovePolicyAfterASetPoliciesCall() throws Exception {
    try {
        AccessControlPolicyIterator policies = acMgr.getApplicablePolicies(testRoot);
        while (policies.hasNext()) {
            AccessControlList acl = (AccessControlListImpl) policies.nextAccessControlPolicy();
            // GRANT read privilege
            acl.addAccessControlEntry(getUnknownPrincipal(), privilegesFromName(Privilege.JCR_READ));
            acMgr.setPolicy(testRoot, acl);
            AccessControlPolicy[] transientPolicy = acMgr.getPolicies(testRoot);
            acMgr.removePolicy(testRoot, transientPolicy[0]);
            assertEquals(0, acMgr.getPolicies(testRoot).length);
        }
    } finally {
        superuser.refresh(false);
    }
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator)

Example 87 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class AccessControlManagerImplTest method testRemovePolicyAfterASaveCall.

/**
 * Test removing an effective policy.
 */
public void testRemovePolicyAfterASaveCall() throws Exception {
    try {
        AccessControlList[] acl = (AccessControlList[]) acMgr.getPolicies(testRoot);
        if (acl.length > 0) {
            acMgr.removePolicy(testRoot, acl[0]);
        } else {
            AccessControlPolicy policy = acMgr.getApplicablePolicies(testRoot).nextAccessControlPolicy();
            acMgr.setPolicy(testRoot, policy);
            acMgr.removePolicy(testRoot, policy);
        }
        // transient removal
        AccessControlPolicy[] noPolicies = acMgr.getPolicies(testRoot);
        assertEquals(0, noPolicies.length);
        // save changes -> removal of protected items on jcr-server
        superuser.save();
    } catch (Exception e) {
        // Keep the original exception as the cause so the failure stays diagnosable.
        throw new RepositoryException(e.getMessage(), e);
    } finally {
        superuser.refresh(false);
    }
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) RepositoryException(javax.jcr.RepositoryException) PathNotFoundException(javax.jcr.PathNotFoundException) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)

Example 88 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class AccessControlManagerImpl method getPolicies.

public AccessControlPolicy[] getPolicies(String absPath) throws RepositoryException {
    checkValidNodePath(absPath);
    List<AccessControlList> policies = new ArrayList<AccessControlList>();
    NodeState aclNode = getAclNode(absPath);
    AccessControlList acl;
    if (aclNode != null) {
        acl = new AccessControlListImpl(aclNode, absPath, npResolver, qvf, this);
        policies.add(acl);
    }
    return policies.toArray(new AccessControlList[policies.size()]);
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) NodeState(org.apache.jackrabbit.jcr2spi.state.NodeState) ArrayList(java.util.ArrayList)

Example 89 with AccessControlList

use of javax.jcr.security.AccessControlList in project kylo by Teradata.

the class JcrAccessControlUtil method getAllPrivileges.

public static Map<Principal, Set<Privilege>> getAllPrivileges(Session session, String path) {
    try {
        Map<Principal, Set<Privilege>> map = new HashMap<>();
        AccessControlManager acm = session.getAccessControlManager();
        AccessControlList acl = getAccessControlList(path, acm);
        for (AccessControlEntry entry : acl.getAccessControlEntries()) {
            Principal principal = derivePrincipal(entry);
            map.put(principal, new HashSet<>(Arrays.asList(entry.getPrivileges())));
        }
        return map;
    } catch (AccessDeniedException e) {
        throw new AccessControlException(e.getMessage());
    } catch (RepositoryException e) {
        throw new MetadataRepositoryException("Failed to get the privileges for node " + path, e);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) AccessDeniedException(javax.jcr.AccessDeniedException) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlException(java.security.AccessControlException) RepositoryException(javax.jcr.RepositoryException) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) Principal(java.security.Principal) SimplePrincipal(org.modeshape.jcr.security.SimplePrincipal)

Example 90 with AccessControlList

use of javax.jcr.security.AccessControlList in project kylo by Teradata.

the class JcrAccessControlUtil method removePermissions.

public static boolean removePermissions(Session session, String path, Principal principal, Privilege... removes) {
    try {
        // There should always be an ACL entry for "admin".
        if (removes.length > 0 && !principal.getName().equals(ModeShapeRoles.ADMIN)) {
            AccessControlManager acm = session.getAccessControlManager();
            AccessControlPolicy[] aclArray = acm.getPolicies(path);
            if (aclArray.length > 0) {
                AccessControlList acl = (AccessControlList) aclArray[0];
                boolean removed = false;
                for (AccessControlEntry entry : acl.getAccessControlEntries()) {
                    if (matchesPrincipal(principal, entry)) {
                        // Keep only the privileges that are not in the set being removed.
                        Privilege[] newPrivs = Arrays.stream(entry.getPrivileges())
                            .filter(p -> Arrays.stream(removes).noneMatch(r -> r.equals(p)))
                            .toArray(Privilege[]::new);
                        if (entry.getPrivileges().length != newPrivs.length) {
                            acl.removeAccessControlEntry(entry);
                            if (newPrivs.length != 0) {
                                acl.addAccessControlEntry(entry.getPrincipal(), newPrivs);
                            }
                            removed = true;
                        }
                    }
                }
                acm.setPolicy(path, acl);
                return removed;
            } else {
                return false;
            }
        } else {
            return false;
        }
    } catch (AccessDeniedException e) {
        throw new AccessControlException(e.getMessage());
    } catch (RepositoryException e) {
        throw new MetadataRepositoryException("Failed to remove permission(s) from node " + path + ": " + Arrays.toString(removes), e);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) Arrays(java.util.Arrays) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) AccessControlEntry(javax.jcr.security.AccessControlEntry) HashMap(java.util.HashMap) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) ModeShapeRoles(org.modeshape.jcr.ModeShapeRoles) Deque(java.util.Deque) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) AccessDeniedException(javax.jcr.AccessDeniedException) HashSet(java.util.HashSet) PathNotFoundException(javax.jcr.PathNotFoundException) RepositoryException(javax.jcr.RepositoryException) Node(javax.jcr.Node) Map(java.util.Map) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) Session(javax.jcr.Session) Collection(java.util.Collection) Set(java.util.Set) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) UnsupportedRepositoryOperationException(javax.jcr.UnsupportedRepositoryOperationException) Principal(java.security.Principal) SimplePrincipal(org.modeshape.jcr.security.SimplePrincipal) Group(java.security.acl.Group) AccessControlException(java.security.AccessControlException) Optional(java.util.Optional) JcrUtil(com.thinkbiganalytics.metadata.modeshape.support.JcrUtil) Authentication(org.springframework.security.core.Authentication) ArrayDeque(java.util.ArrayDeque) Collections(java.util.Collections) Privilege(javax.jcr.security.Privilege)
