Examples with Privilege javax.jcr.security.Privilege used on opensource projects

Search in sources :

Example 91 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class L3_PrecedenceRulesTest method testAceOrder.

public void testAceOrder() throws RepositoryException {
    assertFalse(testSession.nodeExists(testRoot));
    Privilege[] readPrivs = AccessControlUtils.privilegesFromNames(superuser, Privilege.JCR_READ);
    // EXERCISE: fix the permission setup such that the test success without dropping either ACE
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(superuser, testRoot);
    acl.addEntry(testGroupPrincipal, readPrivs, true);
    acl.addEntry(EveryonePrincipal.getInstance(), readPrivs, false);
    superuser.getAccessControlManager().setPolicy(acl.getPath(), acl);
    superuser.save();
    testSession.refresh(false);
    assertTrue(testSession.nodeExists(testRoot));
    assertTrue(testSession.propertyExists(propertyPath));
}
Also used : Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 92 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class L4_PrivilegesAndPermissionsTest method testAddNodes.

public void testAddNodes() throws Exception {
    // grant the test principal jcr:addChildNode privilege at 'childPath'
    AccessControlUtils.addAccessControlEntry(superuser, childPath, testPrincipal, new String[] { Privilege.JCR_ADD_CHILD_NODES }, true);
    superuser.save();
    Session userSession = createTestSession();
    // EXERCISE: fill in the expected return values for Session.hasPermission as performed below
    // EXERCISE: verify that the test passes and explain the individual results
    Map<String, Boolean> pathHasPermissionMap = ImmutableMap.of(testRootNode.getPath(), null, childPath, null, childPath + "/toCreate", null, grandChildPath + "/nextGeneration", null, propertyPath, null);
    for (String path : pathHasPermissionMap.keySet()) {
        boolean expectedHasPermission = pathHasPermissionMap.get(path);
        assertEquals(expectedHasPermission, userSession.hasPermission(path, Session.ACTION_ADD_NODE));
    }
    // EXERCISE: fill in the expected return values for AccessControlManager#getPrivileges as performed below
    // EXERCISE: verify that the test passes and compare the results with your findings from the permission-discovery
    Map<String, Privilege[]> pathPrivilegesMap = ImmutableMap.of(testRootNode.getPath(), null, childPath, null, childPath + "/toCreate", null, grandChildPath + "/nextGeneration", null);
    for (String path : pathPrivilegesMap.keySet()) {
        Privilege[] expectedPrivileges = pathPrivilegesMap.get(path);
        assertEquals(ImmutableSet.of(expectedPrivileges), ImmutableSet.of(userSession.getAccessControlManager().getPrivileges(path)));
    }
// EXERCISE: optionally add nodes at the expected allowed path(s)
// EXERCISE: using 'userSession' to verify that it actually works and
// EXERCISE: save the changes to trigger the evaluation
}
Also used : Privilege(javax.jcr.security.Privilege) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 93 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class L4_PrivilegesAndPermissionsTest method testRemoveNodes.

public void testRemoveNodes() throws Exception {
    // EXERCISE: setup the correct set of privileges such that the test passes
    superuser.save();
    Map<String, Boolean> pathHasPermissionMap = ImmutableMap.of(testRootNode.getPath(), false, childPath, false, grandChildPath, true);
    Session userSession = createTestSession();
    for (String path : pathHasPermissionMap.keySet()) {
        boolean expectedHasPermission = pathHasPermissionMap.get(path);
        assertEquals(expectedHasPermission, userSession.hasPermission(path, Session.ACTION_REMOVE));
    }
    AccessControlManager acMgr = userSession.getAccessControlManager();
    assertFalse(acMgr.hasPrivileges(childPath, new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_REMOVE_NODE) }));
    userSession.getNode(grandChildPath).remove();
    userSession.save();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) Privilege(javax.jcr.security.Privilege) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 94 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class L7_PrivilegeDiscoveryTest method testGetPrivilegesForPrincipalsUserSession.

public void testGetPrivilegesForPrincipalsUserSession() throws Exception {
    JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) userSession.getAccessControlManager();
    // EXERCISE: complete the test case and explain the behaviour
    Privilege[] privs = acMgr.getPrivileges(testPath, ImmutableSet.of(gPrincipal));
    Set<Privilege> expectedPrivs = null;
    assertEquals(expectedPrivs, ImmutableSet.copyOf(privs));
}
Also used : JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) Privilege(javax.jcr.security.Privilege)

Example 95 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class L7_PrivilegeDiscoveryTest method testGetPrivileges.

public void testGetPrivileges() throws Exception {
    AccessControlManager acMgr = userSession.getAccessControlManager();
    // EXERCISE
    Set<Privilege> expected = null;
    Privilege[] testRootPrivs = acMgr.getPrivileges(testRoot);
    assertEquals(expected, ImmutableSet.copyOf(testRootPrivs));
    // EXERCISE
    expected = null;
    Privilege[] privs = acMgr.getPrivileges(testPath);
    assertEquals(expected, ImmutableSet.copyOf(privs));
    // EXERCISE
    expected = null;
    Privilege[] childPrivs = acMgr.getPrivileges(childPath);
    assertEquals(expected, ImmutableSet.copyOf(childPrivs));
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager) Privilege(javax.jcr.security.Privilege)

Aggregations

Privilege (javax.jcr.security.Privilege)316 Test (org.junit.Test)95 AccessControlManager (javax.jcr.security.AccessControlManager)82 Session (javax.jcr.Session)76 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)59 Principal (java.security.Principal)57 Node (javax.jcr.Node)53 AccessControlEntry (javax.jcr.security.AccessControlEntry)47 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)37 Value (javax.jcr.Value)30 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)28 HashMap (java.util.HashMap)26 AccessDeniedException (javax.jcr.AccessDeniedException)25 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)25 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)24 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)24 ArrayList (java.util.ArrayList)21 AccessControlException (javax.jcr.security.AccessControlException)21 AccessControlList (javax.jcr.security.AccessControlList)21 Group (org.apache.jackrabbit.api.security.user.Group)20
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial