
Example 66 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class ConcurrentReadAccessControlledTreeTest2 method addPolicy.

/**
 * Adds an access control entry with {@code Privilege.JCR_READ} and
 * {@code Privilege.JCR_READ_ACCESS_CONTROL} for every entry of {@code principals}
 * to the access control list found for the given node, then writes the list back.
 *
 * <p>If the node is itself of type {@code NT_REP_POLICY}, {@code NT_REP_ACE} or
 * {@code NT_REP_RESTRICTIONS}, the list is looked up one, two or three levels
 * above it respectively, so the entry is never set on the access control
 * content itself. Nothing is changed when no list is returned for the path.
 *
 * @param node the node visited; its session supplies the access control manager
 * @throws RepositoryException if reading the node or editing the policy fails
 */
private void addPolicy(Node node) throws RepositoryException {
    AccessControlManager accessControlManager = node.getSession().getAccessControlManager();
    String targetPath = node.getPath();

    // Number of ancestors to climb before looking up the list.
    int stepsUp;
    if (node.isNodeType(AccessControlConstants.NT_REP_POLICY)) {
        stepsUp = 1;
    } else if (node.isNodeType(AccessControlConstants.NT_REP_ACE)) {
        stepsUp = 2;
    } else if (node.isNodeType(AccessControlConstants.NT_REP_RESTRICTIONS)) {
        stepsUp = 3;
    } else {
        stepsUp = 0;
    }
    if (stepsUp != 0) {
        targetPath = Text.getRelativeParent(targetPath, stepsUp);
    }

    JackrabbitAccessControlList list = AccessControlUtils.getAccessControlList(node.getSession(), targetPath);
    if (list == null) {
        // No list available at this path: leave the content untouched.
        return;
    }

    Privilege[] granted = {
        accessControlManager.privilegeFromName(Privilege.JCR_READ),
        accessControlManager.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL)
    };
    for (Principal grantee : principals) {
        list.addAccessControlEntry(grantee, granted);
    }
    accessControlManager.setPolicy(targetPath, list);
    // NOTE(review): the policy is edited through node.getSession() but persisted via
    // adminSession; presumably both are the same session here — confirm, since a
    // different session would leave the policy change unsaved by this call.
    adminSession.save();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Principal(java.security.Principal)

Example 67 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class ConcurrentReadSinglePolicyTreeTest method visitingNode.

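/**
 * Adjusts the access control setup while the tree is being visited.
 *
 * <p>At the test root, an allow entry for {@code Privilege.JCR_READ} is added for
 * the everyone principal and the list is written back. At every other path that
 * does not contain {@code "rep:policy"}, each {@link JackrabbitAccessControlList}
 * policy bound to the path is removed. The node's session is saved in all cases.
 *
 * @param node the node currently visited
 * @param i    passed through unchanged to the superclass implementation
 * @throws RepositoryException if reading the node or changing a policy fails
 */
@Override
protected void visitingNode(Node node, int i) throws RepositoryException {
    super.visitingNode(node, i);
    String path = node.getPath();
    AccessControlManager acMgr = node.getSession().getAccessControlManager();
    if (testRoot.getPath().equals(path)) {
        JackrabbitAccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, path);
        if (policy != null) {
            // 'true' marks the entry as an allow entry for the everyone principal.
            policy.addEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_READ), true);
            // Write back only when a list was obtained: the original called
            // setPolicy outside this guard and so could pass a null policy.
            // Without a list the read grant is simply not applied, so a fixture
            // that depends on it should verify the grant separately.
            acMgr.setPolicy(path, policy);
        }
    } else if (!path.contains("rep:policy")) {
        // Skip access control content itself; only policies bound to regular
        // paths are removed.
        for (AccessControlPolicy policy : acMgr.getPolicies(path)) {
            if (policy instanceof JackrabbitAccessControlList) {
                acMgr.removePolicy(path, policy);
            }
        }
    }
    node.getSession().save();
}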
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 68 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class AbstractRemoveMembersByIdTest method removeExistingMemberWithoutAccess.

/**
 * Removes {@code memberGroup} from {@code testGroup} by id through a session of
 * the test user, who cannot see the member being removed.
 *
 * <p>The test user is first given an allow entry for
 * {@code PrivilegeConstants.JCR_READ} and {@code PrivilegeConstants.REP_USER_MANAGEMENT}
 * on the test group's path. The method then asserts that the member group's tree
 * does not exist for the test user's session before calling
 * {@code removeMembers} with the member's id.
 *
 * @return the set returned by {@code Group.removeMembers} for the member id
 * @throws Exception if policy setup, login, the removal or a commit fails
 */
Set<String> removeExistingMemberWithoutAccess() throws Exception {
    AccessControlManager accessControlManager = getAccessControlManager(root);
    JackrabbitAccessControlList groupAcl = AccessControlUtils.getAccessControlList(accessControlManager, testGroup.getPath());
    // Write back and commit only when a list exists and addEntry returned true.
    if (groupAcl != null
            && groupAcl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_USER_MANAGEMENT), true)) {
        accessControlManager.setPolicy(testGroup.getPath(), groupAcl);
        root.commit();
    }

    String testUserId = getTestUser().getID();
    // The credentials reuse the user id as the password, as this fixture expects.
    ContentSession userSession = login(new SimpleCredentials(testUserId, testUserId.toCharArray()));
    try {
        Root userRoot = userSession.getLatestRoot();
        // Precondition of the scenario: the member group is not visible to the test user.
        assertFalse(userRoot.getTree(memberGroup.getPath()).exists());
        Group visibleGroup = getUserManager(userRoot).getAuthorizable(testGroup.getID(), Group.class);
        Set<String> notRemoved = visibleGroup.removeMembers(memberGroup.getID());
        userRoot.commit();
        return notRemoved;
    } finally {
        userSession.close();
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) SimpleCredentials(javax.jcr.SimpleCredentials) Group(org.apache.jackrabbit.api.security.user.Group) Root(org.apache.jackrabbit.oak.api.Root) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 69 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class L4_PrivilegesAndPermissionsTest method testRemoveNodes.

/**
 * Exercise: checks which nodes the test session may remove.
 *
 * <p>The remove action is expected to be denied at the test root and at
 * {@code childPath} and granted at {@code grandChildPath}. The test also asserts
 * that {@code Privilege.JCR_REMOVE_NODE} is not held at {@code childPath}, then
 * removes the grandchild through the test session and saves.
 *
 * @throws Exception if session setup, a permission check or the removal fails
 */
public void testRemoveNodes() throws Exception {
    // EXERCISE: setup the correct set of privileges such that the test passes
    superuser.save();

    // Path -> whether Session.ACTION_REMOVE is expected to be permitted there.
    Map<String, Boolean> removeAllowedByPath = ImmutableMap.of(testRootNode.getPath(), false, childPath, false, grandChildPath, true);
    Session userSession = createTestSession();
    for (Map.Entry<String, Boolean> expectation : removeAllowedByPath.entrySet()) {
        boolean expectedHasPermission = expectation.getValue();
        assertEquals(expectedHasPermission, userSession.hasPermission(expectation.getKey(), Session.ACTION_REMOVE));
    }

    // The remove permission on the grandchild must hold even though the
    // jcr:removeNode privilege is not held at childPath.
    AccessControlManager userAcMgr = userSession.getAccessControlManager();
    Privilege[] removeNodeOnly = { userAcMgr.privilegeFromName(Privilege.JCR_REMOVE_NODE) };
    assertFalse(userAcMgr.hasPrivileges(childPath, removeNodeOnly));

    userSession.getNode(grandChildPath).remove();
    userSession.save();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) Privilege(javax.jcr.security.Privilege) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 70 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class L7_PrivilegeDiscoveryTest method testGetPrivileges.

/**
 * Exercise: compares the privileges reported for the test session at
 * {@code testRoot}, {@code testPath} and {@code childPath} with an expected set.
 *
 * <p>Each expected set is left {@code null} here and is marked as an exercise.
 *
 * @throws Exception if a privilege lookup fails
 */
public void testGetPrivileges() throws Exception {
    AccessControlManager userAcMgr = userSession.getAccessControlManager();

    // EXERCISE
    Set<Privilege> expectedAtTestRoot = null;
    assertEquals(expectedAtTestRoot, ImmutableSet.copyOf(userAcMgr.getPrivileges(testRoot)));

    // EXERCISE
    Set<Privilege> expectedAtTestPath = null;
    assertEquals(expectedAtTestPath, ImmutableSet.copyOf(userAcMgr.getPrivileges(testPath)));

    // EXERCISE
    Set<Privilege> expectedAtChildPath = null;
    assertEquals(expectedAtChildPath, ImmutableSet.copyOf(userAcMgr.getPrivileges(childPath)));
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) Privilege(javax.jcr.security.Privilege)

Aggregations

AccessControlManager (javax.jcr.security.AccessControlManager)192 Privilege (javax.jcr.security.Privilege)82 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)77 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)62 Session (javax.jcr.Session)47 Test (org.junit.Test)45 AccessControlEntry (javax.jcr.security.AccessControlEntry)39 Node (javax.jcr.Node)33 AccessControlList (javax.jcr.security.AccessControlList)32 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)32 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)23 Principal (java.security.Principal)22 Value (javax.jcr.Value)17 HashMap (java.util.HashMap)14 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)14 Group (org.apache.jackrabbit.api.security.user.Group)14 ValueFactory (javax.jcr.ValueFactory)13 AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)13 NodeImpl (org.apache.jackrabbit.core.NodeImpl)13 NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)12