Examples with AccessControlList javax.jcr.security.AccessControlList used on opensource projects

Search in sources :

Example 41 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class AccessControlManagerImplTest method testAddingFourAccessControlEntries.

/**
 * Add an AccessControlList with four entries. This will result in having the result in:
 * Transient-space: An ACL node that has four child-nodes.
 * Persistent-state: An ACL node that has one child-node.
 * NOTE: That Jackrabbit-core tries to internally merge the entries that belongs to the same
 * principal, which is not the case for the client-side ACM implementation.
 */
public void testAddingFourAccessControlEntries() throws Exception {
    try {
        AccessControlList acl = (AccessControlList) getACL(testRoot);
        // check precondition,see JCR-3995
        if (testRootNode.hasNode("rep:policy")) {
            assertEquals("should not have any ace nodes at this point", 0, testRootNode.getNode("rep:policy").getNodes().getSize());
        }
        acl.addAccessControlEntry(getUnknownPrincipal(), privilegesFromName(Privilege.JCR_READ));
        acl.addAccessControlEntry(getUnknownPrincipal(), privilegesFromName(Privilege.JCR_READ));
        acl.addAccessControlEntry(getUnknownPrincipal(), privilegesFromName(Privilege.JCR_READ));
        acl.addAccessControlEntry(getUnknownPrincipal(), privilegesFromName(Privilege.JCR_READ));
        acMgr.setPolicy(testRoot, acl);
        // Transient-space: Must contain FOUR ace nodes.
        assertEquals(4, testRootNode.getNode("rep:policy").getNodes().getSize());
        superuser.save();
        // Persistent-state: Must contain a single ace node -> entries were
        // merged
        assertEquals(1, testRootNode.getNode("rep:policy").getNodes().getSize());
    } finally {
        superuser.refresh(false);
    }
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 42 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class ConcurrentReadAccessControlledTreeTest method beforeSuite.

@Override
protected void beforeSuite() throws Exception {
    super.beforeSuite();
    ItemVisitor visitor = new TraversingItemVisitor.Default() {

        int counter = 0;

        @Override
        protected void entering(Node node, int level) throws RepositoryException {
            if (++counter == 10) {
                addPolicy(node);
                counter = 0;
            }
            super.entering(node, level);
        }

        private void addPolicy(Node node) throws RepositoryException {
            AccessControlManager acMgr = node.getSession().getAccessControlManager();
            String path = node.getPath();
            AccessControlPolicyIterator acIterator = acMgr.getApplicablePolicies(path);
            if (acIterator.hasNext()) {
                AccessControlPolicy policy = acIterator.nextAccessControlPolicy();
                if (policy instanceof AccessControlList) {
                    AccessControlList acl = (AccessControlList) policy;
                    Privilege[] privileges = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ), acMgr.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL) };
                    if (acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges)) {
                        acMgr.setPolicy(path, acl);
                        node.getSession().save();
                    }
                }
            }
        }
    };
    visitor.visit(testRoot);
    for (int i = 0; i < bgReaders; i++) {
        addBackgroundJob(new RandomRead(loginReader(), false));
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) ItemVisitor(javax.jcr.ItemVisitor) TraversingItemVisitor(javax.jcr.util.TraversingItemVisitor) Node(javax.jcr.Node) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) Privilege(javax.jcr.security.Privilege)

Example 43 with AccessControlList

use of javax.jcr.security.AccessControlList in project kylo by Teradata.

the class JcrAccessControlUtil method getAccessControlList.

private static AccessControlList getAccessControlList(String path, AccessControlManager acm) throws PathNotFoundException, AccessDeniedException, RepositoryException {
    AccessControlList acl = null;
    AccessControlPolicyIterator it = acm.getApplicablePolicies(path);
    if (it.hasNext()) {
        acl = (AccessControlList) it.nextAccessControlPolicy();
    } else {
        acl = (AccessControlList) acm.getPolicies(path)[0];
    }
    return acl;
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator)

Example 44 with AccessControlList

use of javax.jcr.security.AccessControlList in project kylo by Teradata.

the class JcrAccessControlUtil method getPrivileges.

public static Set<Privilege> getPrivileges(Session session, Principal principal, String path) {
    try {
        AccessControlManager acm = session.getAccessControlManager();
        AccessControlList acl = getAccessControlList(path, acm);
        for (AccessControlEntry entry : acl.getAccessControlEntries()) {
            if (matchesPrincipal(principal, entry)) {
                return new HashSet<>(Arrays.asList(entry.getPrivileges()));
            }
        }
        return Collections.emptySet();
    } catch (AccessDeniedException e) {
        throw new AccessControlException(e.getMessage());
    } catch (RepositoryException e) {
        throw new MetadataRepositoryException("Failed to get the privileges for node " + path, e);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) AccessDeniedException(javax.jcr.AccessDeniedException) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlException(java.security.AccessControlException) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) RepositoryException(javax.jcr.RepositoryException) HashSet(java.util.HashSet)

Example 45 with AccessControlList

use of javax.jcr.security.AccessControlList in project kylo by Teradata.

the class JcrAccessControlUtil method updatePermissions.

private static boolean updatePermissions(Session session, String path, Principal principal, boolean replace, Privilege... privileges) {
    try {
        AccessControlManager acm = session.getAccessControlManager();
        AccessControlList acl = getAccessControlList(path, acm);
        boolean changed = false;
        if (replace) {
            changed |= removeEntry(acl, principal);
        }
        if (privileges.length > 0) {
            changed |= addEntry(session, acl, principal, privileges);
        }
        acm.setPolicy(path, acl);
        return changed;
    } catch (AccessDeniedException e) {
        throw new AccessControlException(e.getMessage());
    } catch (RepositoryException e) {
        throw new MetadataRepositoryException("Failed to add permission(s) to node " + path + ": " + Arrays.toString(privileges), e);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) AccessDeniedException(javax.jcr.AccessDeniedException) AccessControlException(java.security.AccessControlException) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) RepositoryException(javax.jcr.RepositoryException)

Aggregations

AccessControlList (javax.jcr.security.AccessControlList)97 AccessControlEntry (javax.jcr.security.AccessControlEntry)49 AccessControlManager (javax.jcr.security.AccessControlManager)49 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39 Privilege (javax.jcr.security.Privilege)25 Node (javax.jcr.Node)17 RepositoryException (javax.jcr.RepositoryException)17 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)17 AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)15 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)15 Test (org.junit.Test)13 Principal (java.security.Principal)12 AccessDeniedException (javax.jcr.AccessDeniedException)12 ArrayList (java.util.ArrayList)9 HashSet (java.util.HashSet)6 AccessControlException (javax.jcr.security.AccessControlException)6 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 NodeImpl (org.apache.jackrabbit.core.NodeImpl)6 MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException)5 AccessControlException (java.security.AccessControlException)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial