
Example 36 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class AccessControlValidatorTest method testAceDifferentByRestrictionValue.

/**
 * Checks that two allow entries for the same principal and privilege are kept as distinct
 * entries when they differ only in the value of their {@code REP_NT_NAMES} restriction,
 * and that a policy holding both can be set and committed.
 */
@Test
public void testAceDifferentByRestrictionValue() throws Exception {
    ValueFactory valueFactory = getValueFactory(root);
    AccessControlManager acMgr = getAccessControlManager(root);
    JackrabbitAccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, testPath);

    // First entry: node-type restriction built from NT_OAK_UNSTRUCTURED.
    Value[] firstNtNames = new Value[] { valueFactory.createValue(NodeTypeConstants.NT_OAK_UNSTRUCTURED, PropertyType.NAME) };
    policy.addEntry(
            testPrincipal,
            privilegesFromNames(PrivilegeConstants.JCR_ADD_CHILD_NODES),
            true,
            ImmutableMap.<String, Value>of(),
            ImmutableMap.of(AccessControlConstants.REP_NT_NAMES, firstNtNames));

    // Second entry: same principal, privilege and allow flag; only the restriction value changes.
    Value[] secondNtNames = new Value[] { valueFactory.createValue(NodeTypeConstants.NT_UNSTRUCTURED, PropertyType.NAME) };
    policy.addEntry(
            testPrincipal,
            privilegesFromNames(PrivilegeConstants.JCR_ADD_CHILD_NODES),
            true,
            ImmutableMap.<String, Value>of(),
            ImmutableMap.of(AccessControlConstants.REP_NT_NAMES, secondNtNames));

    // Both entries must be present in the list before it is written back.
    assertEquals(2, policy.getAccessControlEntries().length);

    acMgr.setPolicy(testPath, policy);
    // The commit has to go through: if the two entries were treated as equal,
    // the differing restriction value would have been ignored.
    root.commit();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) Value(javax.jcr.Value) ValueFactory(javax.jcr.ValueFactory) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 37 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testGetSupportedPrivilegesIncludingPathConversion.

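/**
 * Verifies that {@code getSupportedPrivileges} reports every registered privilege when the
 * path is passed in two different name forms: with the remapped local prefix and with the
 * expanded namespace URI.
 */
@Test
public void testGetSupportedPrivilegesIncludingPathConversion() throws Exception {
    List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager(root).getRegisteredPrivileges());

    // Typed list instead of a raw ArrayList, so the assignment needs no unchecked conversion.
    List<String> testPaths = new ArrayList<String>();
    testPaths.add('/' + TEST_LOCAL_PREFIX + ":testRoot");
    testPaths.add("/{" + TEST_URI + "}testRoot");

    // The access control manager under test resolves names through a mapper that binds
    // TEST_LOCAL_PREFIX to TEST_URI.
    NameMapper remapped = new LocalNameMapper(root, singletonMap(TEST_LOCAL_PREFIX, TEST_URI));
    AccessControlManager acMgr = createAccessControlManager(root, new NamePathMapperImpl(remapped));

    for (String path : testPaths) {
        Privilege[] supported = acMgr.getSupportedPrivileges(path);
        assertNotNull(supported);
        // Same size plus containment: the supported set matches the registered set.
        assertEquals(allPrivileges.size(), supported.length);
        assertTrue(allPrivileges.containsAll(Arrays.asList(supported)));
    }
}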
Also used : AbstractAccessControlManager(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager) AccessControlManager(javax.jcr.security.AccessControlManager) JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) ArrayList(java.util.ArrayList) NameMapper(org.apache.jackrabbit.oak.namepath.NameMapper) GlobalNameMapper(org.apache.jackrabbit.oak.namepath.GlobalNameMapper) LocalNameMapper(org.apache.jackrabbit.oak.namepath.LocalNameMapper) Privilege(javax.jcr.security.Privilege) NamePathMapperImpl(org.apache.jackrabbit.oak.namepath.NamePathMapperImpl) LocalNameMapper(org.apache.jackrabbit.oak.namepath.LocalNameMapper) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 38 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit-oak by apache.

the class AccessControlImporterBaseTest method before.

/**
 * Prepares the importer fixture: creates {@code /testNode}, attaches an ACL that gives
 * the everyone principal {@code JCR_READ} on it, commits, and then initialises the
 * importer together with the principal and privilege property infos used by the tests.
 */
@Override
public void before() throws Exception {
    super.before();

    // Create the node that will carry the access control content.
    Tree testNode = root.getTree(PathUtils.ROOT_PATH).addChild("testNode");
    testNode.setProperty(JcrConstants.JCR_PRIMARYTYPE, NodeTypeConstants.NT_OAK_UNSTRUCTURED, Type.NAME);
    String testNodePath = testNode.getPath();

    // Give the node a policy so that a REP_POLICY child exists after the commit.
    AccessControlManager acMgr = getAccessControlManager(root);
    JackrabbitAccessControlList policy = AccessControlUtils.getAccessControlList(acMgr, testNodePath);
    policy.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(PrivilegeConstants.JCR_READ));
    acMgr.setPolicy(testNodePath, policy);
    root.commit();

    // Re-read the trees after the commit.
    accessControlledTree = root.getTree("/testNode");
    aclTree = accessControlledTree.getChild(REP_POLICY);

    importer = new AccessControlImporter();

    // Property infos describing an entry for the test user.
    principalName = getTestUser().getPrincipal().getName();
    principalInfo = new PropInfo(REP_PRINCIPAL_NAME, PropertyType.STRING, createTextValue(principalName));
    privInfo = new PropInfo(
            REP_PRIVILEGES,
            PropertyType.NAME,
            createTextValues(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES));
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) Tree(org.apache.jackrabbit.oak.api.Tree) PropInfo(org.apache.jackrabbit.oak.spi.xml.PropInfo) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 39 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit by apache.

the class UserImporterTest method testAccessControlActionExecutionForGroup.

/**
 * Imports a {@code rep:Group} node while an {@code AccessControlAction} configured with
 * {@code Privilege.JCR_READ} for groups is registered, then checks that the imported
 * group's path carries exactly one access control list with exactly one entry, and that
 * the entry belongs to the imported principal.
 */
public void testAccessControlActionExecutionForGroup() throws Exception {
    AccessControlAction action = new AccessControlAction();
    action.setGroupPrivilegeNames(Privilege.JCR_READ);
    umgr.setAuthorizableActions(new AuthorizableAction[] { action });

    // System-view XML for a group "g" with principal name "gPrincipal".
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
            + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">"
            + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>"
            + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>"
            + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property>"
            + "</sv:node>";

    NodeImpl groupsRoot = (NodeImpl) sImpl.getNode(umgr.getGroupsPath());
    try {
        doImport(groupsRoot, xml);

        Authorizable imported = umgr.getAuthorizable("g");
        assertNotNull(imported);
        assertTrue(imported.isGroup());

        // Exactly one policy is expected at the group's path, and it must be an ACL.
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(imported.getPath());
        assertNotNull(policies);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof AccessControlList);

        // NOTE(review): only the entry count and its principal are asserted; the privileges
        // carried by the entry are not compared against the JCR_READ set on the action.
        AccessControlList acl = (AccessControlList) policies[0];
        AccessControlEntry[] entries = acl.getAccessControlEntries();
        assertEquals(1, entries.length);
        assertEquals("gPrincipal", entries[0].getPrincipal().getName());
    } finally {
        // Discard the transient import so it cannot affect other tests.
        sImpl.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction) NodeImpl(org.apache.jackrabbit.core.NodeImpl) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry)

Example 40 with AccessControlManager

use of javax.jcr.security.AccessControlManager in project jackrabbit by apache.

the class UserImporterTest method testAccessControlActionExecutionForUser2.

/**
 * Imports a {@code rep:User} node while an {@code AccessControlAction} configured with
 * {@code Privilege.JCR_ALL} for users is registered, then checks that the imported user's
 * path carries exactly one access control list with exactly one entry, and that the entry
 * belongs to the imported principal.
 */
public void testAccessControlActionExecutionForUser2() throws Exception {
    AccessControlAction action = new AccessControlAction();
    action.setUserPrivilegeNames(Privilege.JCR_ALL);
    umgr.setAuthorizableActions(new AuthorizableAction[] { action });

    // System-view XML for a user "t" with principal name "tPrincipal".
    // NOTE(review): the rep:password fixture is a {sha1}-prefixed digest; whether the
    // importer stores it as given or re-hashes it is not visible from this test.
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
            + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">"
            + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>"
            + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>"
            + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>"
            + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>"
            + "</sv:node>";

    NodeImpl usersRoot = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
    try {
        doImport(usersRoot, xml);

        Authorizable imported = umgr.getAuthorizable("t");
        assertNotNull(imported);
        assertFalse(imported.isGroup());

        // Exactly one policy is expected at the user's path, and it must be an ACL.
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(imported.getPath());
        assertNotNull(policies);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof AccessControlList);

        // NOTE(review): only the entry count and its principal are asserted; the privileges
        // carried by the entry are not compared against the JCR_ALL set on the action.
        AccessControlList acl = (AccessControlList) policies[0];
        AccessControlEntry[] entries = acl.getAccessControlEntries();
        assertEquals(1, entries.length);
        assertEquals("tPrincipal", entries[0].getPrincipal().getName());
    } finally {
        // Discard the transient import so it cannot affect other tests.
        sImpl.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction) NodeImpl(org.apache.jackrabbit.core.NodeImpl) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry)
