Example 46 with Privilege
use of javax.jcr.security.Privilege in project jackrabbit by apache.
the class ReadTest method testDenyGroupPathAllowEveryoneChildPath.
public void testDenyGroupPathAllowEveryoneChildPath() throws Exception {
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
Principal group = getTestGroup().getPrincipal();
Principal everyone = ((JackrabbitSession) superuser).getPrincipalManager().getEveryone();
/*
deny READ privilege for group at 'path'
*/
withdrawPrivileges(path, group, privileges, getRestrictions(superuser, path));
/*
allow READ privilege for everyone at 'childNPath'
*/
givePrivileges(path, everyone, privileges, getRestrictions(superuser, childNPath));
Session testSession = getTestSession();
assertTrue(testSession.nodeExists(childNPath));
}
Also used :
Privilege(javax.jcr.security.Privilege)
Principal(java.security.Principal)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Example 47 with Privilege
use of javax.jcr.security.Privilege in project jackrabbit by apache.
the class ReadTest method testDenyUserAllowGroup.
public void testDenyUserAllowGroup() throws Exception {
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
Principal group = getTestGroup().getPrincipal();
/*
deny READ privilege for testUser at 'path'
*/
withdrawPrivileges(path, testUser.getPrincipal(), privileges, getRestrictions(superuser, path));
/*
allow READ privilege for group at 'path'
*/
givePrivileges(path, group, privileges, getRestrictions(superuser, path));
Session testSession = getTestSession();
assertFalse(testSession.nodeExists(path));
}
Also used :
Privilege(javax.jcr.security.Privilege)
Principal(java.security.Principal)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Example 48 with Privilege
use of javax.jcr.security.Privilege in project jackrabbit by apache.
the class ReadTest method testAllowEveryoneDenyGroup.
public void testAllowEveryoneDenyGroup() throws Exception {
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
Principal group = getTestGroup().getPrincipal();
Principal everyone = ((JackrabbitSession) superuser).getPrincipalManager().getEveryone();
/*
allow READ privilege for everyone at 'path'
*/
givePrivileges(path, everyone, privileges, getRestrictions(superuser, path));
/*
deny READ privilege for group at 'path'
*/
withdrawPrivileges(path, group, privileges, getRestrictions(superuser, path));
Session testSession = getTestSession();
assertFalse(testSession.nodeExists(path));
}
Also used :
Privilege(javax.jcr.security.Privilege)
Principal(java.security.Principal)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Example 49 with Privilege
use of javax.jcr.security.Privilege in project jackrabbit by apache.
the class ReadTest method testDenyGroupPathAllowUserChildPath.
public void testDenyGroupPathAllowUserChildPath() throws Exception {
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
Principal group = getTestGroup().getPrincipal();
/*
deny READ privilege for group at 'path'
*/
withdrawPrivileges(path, group, privileges, getRestrictions(superuser, path));
/*
allow READ privilege for testUser at 'childNPath'
*/
givePrivileges(path, testUser.getPrincipal(), privileges, getRestrictions(superuser, childNPath));
Session testSession = getTestSession();
assertTrue(testSession.nodeExists(childNPath));
}
Also used :
Privilege(javax.jcr.security.Privilege)
Principal(java.security.Principal)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Example 50 with Privilege
use of javax.jcr.security.Privilege in project jackrabbit by apache.
the class ReadTest method testDenyGroupAllowEveryone.
public void testDenyGroupAllowEveryone() throws Exception {
Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
Principal group = getTestGroup().getPrincipal();
Principal everyone = ((JackrabbitSession) superuser).getPrincipalManager().getEveryone();
/*
deny READ privilege for group at 'path'
*/
withdrawPrivileges(path, group, privileges, getRestrictions(superuser, path));
/*
allow READ privilege for everyone at 'path'
*/
givePrivileges(path, everyone, privileges, getRestrictions(superuser, path));
Session testSession = getTestSession();
assertTrue(testSession.nodeExists(path));
}
Also used :
Privilege(javax.jcr.security.Privilege)
Principal(java.security.Principal)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Aggregations
Privilege (javax.jcr.security.Privilege)316
Test (org.junit.Test)95
AccessControlManager (javax.jcr.security.AccessControlManager)82
Session (javax.jcr.Session)76
JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)59
Principal (java.security.Principal)57
Node (javax.jcr.Node)53
AccessControlEntry (javax.jcr.security.AccessControlEntry)47
JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)37
Value (javax.jcr.Value)30
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)28
HashMap (java.util.HashMap)26
AccessDeniedException (javax.jcr.AccessDeniedException)25
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)25
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)24
JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)24
ArrayList (java.util.ArrayList)21
AccessControlException (javax.jcr.security.AccessControlException)21
AccessControlList (javax.jcr.security.AccessControlList)21
Group (org.apache.jackrabbit.api.security.user.Group)20
