use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testTestSessionGetEffectivePoliciesByPrincipal.
@Test
public void testTestSessionGetEffectivePoliciesByPrincipal() throws Exception {
NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
String childPath = child.getTree().getPath();
Privilege[] privs = privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL);
setupPolicy(testPath, privs);
setupPolicy(childPath, privs);
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
JackrabbitAccessControlManager testAcMgr = getTestAccessControlManager();
AccessControlPolicy[] effective = testAcMgr.getEffectivePolicies(Collections.singleton(testPrincipal));
assertNotNull(effective);
assertEquals(2, effective.length);
}
use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testPrivilegeFromExpandedName.
@Test
public void testPrivilegeFromExpandedName() throws Exception {
Privilege readPriv = getPrivilegeManager(root).getPrivilege(PrivilegeConstants.JCR_READ);
assertEquals(readPriv, acMgr.privilegeFromName(Privilege.JCR_READ));
}
use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.
the class ConcurrentCreateNodesTest method createACLsForEveryone.
private void createACLsForEveryone(Session session, int numACLs) throws RepositoryException {
AccessControlManager acMgr = session.getAccessControlManager();
Node listenHere = session.getRootNode().addNode("nodes-with-acl");
for (int i = 0; i < numACLs; i++) {
String path = listenHere.addNode("node-" + i).getPath();
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(session, path);
if (acl.isEmpty()) {
Privilege[] privileges = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ) };
if (acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges)) {
acMgr.setPolicy(path, acl);
}
}
}
session.save();
}
use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.
the class ConcurrentEveryoneACLTest method beforeSuite.
@Override
public void beforeSuite() throws Exception {
Session session = loginWriter();
AccessControlManager acMgr = session.getAccessControlManager();
Privilege[] privileges = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ), acMgr.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL) };
final Node root = session.getRootNode().addNode(ROOT_NODE_NAME, "nt:unstructured");
for (int i = 0; i < NODE_COUNT; i++) {
Node node = root.addNode("node" + i, "nt:unstructured");
for (int j = 0; j < NODE_COUNT; j++) {
Node newNode = node.addNode("node" + j, "nt:unstructured");
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(session, newNode.getPath());
acl.addEntry(EveryonePrincipal.getInstance(), privileges, true);
acMgr.setPolicy(newNode.getPath(), acl);
}
session.save();
}
// deny everyone on root node
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(session, root.getPath());
acl.addEntry(EveryonePrincipal.getInstance(), privileges, false);
acMgr.setPolicy(root.getPath(), acl);
session.save();
final int[] numACEs = new int[1];
ItemVisitor v = new TraversingItemVisitor.Default() {
@Override
protected void entering(Node node, int i) throws RepositoryException {
if (node.isNodeType(AccessControlConstants.NT_REP_ACE)) {
numACEs[0]++;
}
super.entering(node, i);
}
@Override
protected void entering(Property prop, int i) throws RepositoryException {
super.entering(prop, i);
}
};
v.visit(root);
System.out.println("Num ACEs: " + numACEs[0]);
session.logout();
}
use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.
the class ConcurrentReadAccessControlledTreeTest2 method addPolicy.
private void addPolicy(Node node) throws RepositoryException {
AccessControlManager acMgr = node.getSession().getAccessControlManager();
String path = node.getPath();
int level = 0;
if (node.isNodeType(AccessControlConstants.NT_REP_POLICY)) {
level = 1;
} else if (node.isNodeType(AccessControlConstants.NT_REP_ACE)) {
level = 2;
} else if (node.isNodeType(AccessControlConstants.NT_REP_RESTRICTIONS)) {
level = 3;
}
if (level > 0) {
path = Text.getRelativeParent(path, level);
}
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(node.getSession(), path);
if (acl != null) {
Privilege[] privileges = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ), acMgr.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL) };
for (Principal principal : principals) {
acl.addAccessControlEntry(principal, privileges);
}
acMgr.setPolicy(path, acl);
adminSession.save();
}
}
Aggregations