Examples with AccessControlPolicy javax.jcr.security.AccessControlPolicy used on opensource projects

Search in sources :

Example 56 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testGetEffectivePolicies.

//---------------------------------------< getEffectivePolicies(String) >---
@Test
public void testGetEffectivePolicies() throws Exception {
    AccessControlPolicy[] policies = acMgr.getEffectivePolicies(testPath);
    assertNotNull(policies);
    assertEquals(0, policies.length);
    setupPolicy(testPath);
    root.commit();
    policies = acMgr.getEffectivePolicies(testPath);
    assertNotNull(policies);
    assertEquals(1, policies.length);
    NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
    String childPath = child.getTree().getPath();
    policies = acMgr.getEffectivePolicies(childPath);
    assertNotNull(policies);
    assertEquals(1, policies.length);
    setupPolicy(childPath);
    root.commit();
    policies = acMgr.getEffectivePolicies(childPath);
    assertNotNull(policies);
    assertEquals(2, policies.length);
}
Also used : JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 57 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.

the class NodeImplTest method changeReadPermission.

public static void changeReadPermission(Principal principal, Node n, boolean allowRead) throws RepositoryException, NotExecutableException {
    SessionImpl s = (SessionImpl) n.getSession();
    JackrabbitAccessControlList acl = null;
    AccessControlManager acMgr = s.getAccessControlManager();
    AccessControlPolicyIterator it = acMgr.getApplicablePolicies(n.getPath());
    while (it.hasNext()) {
        AccessControlPolicy acp = it.nextAccessControlPolicy();
        if (acp instanceof JackrabbitAccessControlList) {
            acl = (JackrabbitAccessControlList) acp;
            break;
        }
    }
    if (acl == null) {
        AccessControlPolicy[] acps = acMgr.getPolicies(n.getPath());
        for (AccessControlPolicy acp : acps) {
            if (acp instanceof JackrabbitAccessControlList) {
                acl = (JackrabbitAccessControlList) acp;
                break;
            }
        }
    }
    if (acl != null) {
        acl.addEntry(principal, new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ) }, allowRead);
        acMgr.setPolicy(n.getPath(), acl);
        s.save();
    } else {
        // no JackrabbitAccessControlList found.
        throw new NotExecutableException();
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 58 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.

the class JackrabbitAccessControlListTest method setUp.

@Override
protected void setUp() throws Exception {
    super.setUp();
    Node n = testRootNode.addNode(nodeName1, testNodeType);
    superuser.save();
    AccessControlPolicyIterator it = acMgr.getApplicablePolicies(n.getPath());
    while (it.hasNext() && templ == null) {
        AccessControlPolicy p = it.nextAccessControlPolicy();
        if (p instanceof JackrabbitAccessControlList) {
            templ = (JackrabbitAccessControlList) p;
        }
    }
    if (templ == null) {
        superuser.logout();
        throw new NotExecutableException("No JackrabbitAccessControlList to test.");
    }
    privilegeMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
}
Also used : AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) Node(javax.jcr.Node) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 59 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.

the class AbstractRepositoryOperationTest method testGetEffectivePoliciesByPrincipal.

public void testGetEffectivePoliciesByPrincipal() throws Exception {
    if (!(acMgr instanceof JackrabbitAccessControlManager)) {
        throw new NotExecutableException();
    }
    JackrabbitAccessControlManager jAcMgr = (JackrabbitAccessControlManager) acMgr;
    Set<Principal> principalSet = Collections.singleton(testUser.getPrincipal());
    try {
        // initial state: no repo level policy
        AccessControlPolicy[] policies = acMgr.getPolicies(null);
        assertNotNull(policies);
        assertEquals(0, policies.length);
        AccessControlPolicy[] effective = jAcMgr.getEffectivePolicies(principalSet);
        assertNotNull(effective);
        assertEquals(0, effective.length);
        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(null);
        assertTrue(it.hasNext());
        // modify the repo level policy
        modifyPrivileges(null, NameConstants.JCR_NODE_TYPE_DEFINITION_MANAGEMENT.toString(), false);
        modifyPrivileges(null, NameConstants.JCR_NAMESPACE_MANAGEMENT.toString(), true);
        // verify that the effective policies for the given principal set
        // is properly calculated.
        AccessControlPolicy[] eff = jAcMgr.getEffectivePolicies(principalSet);
        assertNotNull(eff);
        assertEquals(1, eff.length);
        assertTrue(eff[0] instanceof AccessControlList);
        AccessControlList acl = (AccessControlList) eff[0];
        AccessControlEntry[] aces = acl.getAccessControlEntries();
        assertNotNull(aces);
        assertEquals(2, aces.length);
        for (AccessControlEntry ace : aces) {
            assertEquals(testUser.getPrincipal(), ace.getPrincipal());
        }
    } catch (UnsupportedRepositoryOperationException e) {
        throw new NotExecutableException();
    } finally {
        // remove it again
        for (AccessControlPolicy plc : acMgr.getPolicies(null)) {
            acMgr.removePolicy(null, plc);
        }
        superuser.save();
        // back to initial state: no repo level policy
        AccessControlPolicy[] policies = acMgr.getPolicies(null);
        assertNotNull(policies);
        assertEquals(0, policies.length);
    }
}
Also used : JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) UnsupportedRepositoryOperationException(javax.jcr.UnsupportedRepositoryOperationException) JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) Principal(java.security.Principal)

Example 60 with AccessControlPolicy

use of javax.jcr.security.AccessControlPolicy in project jackrabbit by apache.

the class AbstractRepositoryOperationTest method testRepoPolicyAPI.

public void testRepoPolicyAPI() throws Exception {
    try {
        // initial state: no repo level policy
        AccessControlPolicy[] policies = acMgr.getPolicies(null);
        assertNotNull(policies);
        assertEquals(0, policies.length);
        AccessControlPolicy[] effective = acMgr.getEffectivePolicies(null);
        assertNotNull(effective);
        assertEquals(0, effective.length);
        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(null);
        assertNotNull(it);
        assertTrue(it.hasNext());
        AccessControlPolicy acp = it.nextAccessControlPolicy();
        assertNotNull(acp);
        assertTrue(acp instanceof JackrabbitAccessControlPolicy);
        // modify the repo level policy
        modifyPrivileges(null, NameConstants.JCR_NODE_TYPE_DEFINITION_MANAGEMENT.toString(), false);
        modifyPrivileges(null, NameConstants.JCR_NAMESPACE_MANAGEMENT.toString(), true);
        AccessControlPolicy[] plcs = acMgr.getPolicies(null);
        assertNotNull(plcs);
        assertEquals(1, plcs.length);
        assertTrue(plcs[0] instanceof AccessControlList);
        AccessControlList acl = (AccessControlList) plcs[0];
        AccessControlEntry[] aces = acl.getAccessControlEntries();
        assertNotNull(aces);
        assertEquals(2, aces.length);
        assertPrivilege(NameConstants.JCR_NAMESPACE_MANAGEMENT, true);
        assertPermission(Permission.NAMESPACE_MNGMT, true);
        assertPrivilege(NameConstants.JCR_NODE_TYPE_DEFINITION_MANAGEMENT, false);
        assertPermission(Permission.NODE_TYPE_DEF_MNGMT, false);
        effective = acMgr.getEffectivePolicies(null);
        assertNotNull(effective);
        assertEquals(1, effective.length);
        assertTrue(effective[0] instanceof AccessControlList);
        acl = (AccessControlList) effective[0];
        aces = acl.getAccessControlEntries();
        assertNotNull(aces);
        assertEquals(2, aces.length);
        // change the policy: removing the second entry in the access control list
        acl = (AccessControlList) acMgr.getPolicies(null)[0];
        AccessControlEntry toRemove = acl.getAccessControlEntries()[1];
        acl.removeAccessControlEntry(toRemove);
        acMgr.setPolicy(null, acl);
        superuser.save();
        acl = (AccessControlList) acMgr.getPolicies(null)[0];
        aces = acl.getAccessControlEntries();
        assertNotNull(aces);
        assertEquals(1, aces.length);
        assertPrivilege(NameConstants.JCR_NAMESPACE_MANAGEMENT, false);
        assertPermission(Permission.NAMESPACE_MNGMT, false);
        assertPrivilege(NameConstants.JCR_NODE_TYPE_DEFINITION_MANAGEMENT, false);
        assertPermission(Permission.NODE_TYPE_DEF_MNGMT, false);
    } catch (UnsupportedRepositoryOperationException e) {
        throw new NotExecutableException();
    } finally {
        // remove it again
        for (AccessControlPolicy plc : acMgr.getPolicies(null)) {
            acMgr.removePolicy(null, plc);
        }
        superuser.save();
        // back to initial state: no repo level policy
        AccessControlPolicy[] policies = acMgr.getPolicies(null);
        assertNotNull(policies);
        assertEquals(0, policies.length);
        AccessControlPolicy[] effective = acMgr.getEffectivePolicies(null);
        assertNotNull(effective);
        assertEquals(0, effective.length);
        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(null);
        assertNotNull(it);
        assertTrue(it.hasNext());
        AccessControlPolicy acp = it.nextAccessControlPolicy();
        assertNotNull(acp);
        assertTrue(acp instanceof JackrabbitAccessControlPolicy);
    }
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) UnsupportedRepositoryOperationException(javax.jcr.UnsupportedRepositoryOperationException) JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)

Aggregations

AccessControlPolicy (javax.jcr.security.AccessControlPolicy)182 Test (org.junit.Test)67 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)66 AccessControlManager (javax.jcr.security.AccessControlManager)62 AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)52 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)52 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)49 AccessControlEntry (javax.jcr.security.AccessControlEntry)40 AccessControlList (javax.jcr.security.AccessControlList)32 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)32 NamedAccessControlPolicy (javax.jcr.security.NamedAccessControlPolicy)28 Privilege (javax.jcr.security.Privilege)28 Principal (java.security.Principal)24 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)23 NodeImpl (org.apache.jackrabbit.core.NodeImpl)18 TestACL (org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL)18 Node (javax.jcr.Node)17 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)17 Root (org.apache.jackrabbit.oak.api.Root)14 NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)14
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial