Example 31 with Privilege

Use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

Class ReadTest, method testGlobRestriction2.

@Test
public void testGlobRestriction2() throws Exception {
    Group group2 = getUserManager(superuser).createGroup(generateId("group2_"));
    Group group3 = getUserManager(superuser).createGroup(generateId("group3_"));
    superuser.save();
    try {
        Privilege[] readPrivs = privilegesFromName(Privilege.JCR_READ);
        modify(path, getTestGroup().getPrincipal(), readPrivs, true, createGlobRestriction("/*"));
        allow(path, group2.getPrincipal(), readPrivs);
        deny(path, group3.getPrincipal(), readPrivs);
        Set<Principal> principals = new HashSet<Principal>();
        principals.add(getTestGroup().getPrincipal());
        principals.add(group2.getPrincipal());
        principals.add(group3.getPrincipal());
        assertFalse(((JackrabbitAccessControlManager) acMgr).hasPrivileges(path, principals, readPrivs));
        assertFalse(((JackrabbitAccessControlManager) acMgr).hasPrivileges(childNPath, principals, readPrivs));
    } finally {
        group2.remove();
        group3.remove();
        superuser.save();
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 32 with Privilege

Use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

Class InheritanceTest, method testReorderGroupPermissions.

@Test
public void testReorderGroupPermissions() throws Exception {
    /* add privileges for the groups the test user is a member of */
    deny(path, testGroup.getPrincipal(), modPropPrivileges);
    allow(path, group2.getPrincipal(), modPropPrivileges);
    /*
     * The test user must get the permissions/privileges inherited from
     * the groups it is a member of.
     * Granting permissions for group2 must be effective.
     */
    String actions = getActions(Session.ACTION_SET_PROPERTY, Session.ACTION_READ);
    assertTrue(testSession.hasPermission(path, actions));
    Privilege[] privs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
    assertTrue(testAcMgr.hasPrivileges(path, privs));
    // reorder the ACEs
    AccessControlEntry srcEntry = null;
    AccessControlEntry destEntry = null;
    JackrabbitAccessControlList acl = (JackrabbitAccessControlList) acMgr.getPolicies(path)[0];
    for (AccessControlEntry entry : acl.getAccessControlEntries()) {
        Principal princ = entry.getPrincipal();
        if (testGroup.getPrincipal().equals(princ)) {
            destEntry = entry;
        } else if (group2.getPrincipal().equals(princ)) {
            srcEntry = entry;
        }
    }
    acl.orderBefore(srcEntry, destEntry);
    acMgr.setPolicy(path, acl);
    superuser.save();
    testSession.refresh(false);
    /* after reordering, the permissions must be denied */
    assertFalse(testSession.hasPermission(path, actions));
    assertFalse(testAcMgr.hasPrivileges(path, privs));
}
Also used : AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Example 33 with Privilege

Use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

Class JackrabbitAccessControlListTest, method testRemoveEntry.

@Test
public void testRemoveEntry() throws NotExecutableException, RepositoryException {
    Principal princ = getValidPrincipal();
    Privilege[] grPriv = privilegesFromName("rep:write");
    acl.addEntry(princ, grPriv, true, Collections.<String, Value>emptyMap());
    AccessControlEntry[] entries = acl.getAccessControlEntries();
    int length = entries.length;
    assertTrue("Grant was both successful -> at least 1 entry.", length > 0);
    for (AccessControlEntry entry : entries) {
        acl.removeAccessControlEntry(entry);
        length = length - 1;
        assertEquals(length, acl.size());
        assertEquals(length, acl.getAccessControlEntries().length);
    }
    assertTrue(acl.isEmpty());
    assertEquals(0, acl.size());
    assertEquals(0, acl.getAccessControlEntries().length);
}
Also used : AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) Test(org.junit.Test) AbstractAccessControlTest(org.apache.jackrabbit.test.api.security.AbstractAccessControlTest)

Example 34 with Privilege

Use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

Class ACLTest, method testMultiplePrincipals.

@Test
public void testMultiplePrincipals() throws Exception {
    Principal everyone = principalManager.getEveryone();
    Privilege[] privs = privilegesFromNames(JCR_READ);
    acl.addAccessControlEntry(testPrincipal, privs);
    assertFalse(acl.addAccessControlEntry(testPrincipal, privs));
    // add same privileges for another principal -> must modify as well.
    assertTrue(acl.addAccessControlEntry(everyone, privs));
    // .. 2 entries must be present.
    assertTrue(acl.getAccessControlEntries().length == 2);
    assertEquals(everyone, acl.getAccessControlEntries()[1].getPrincipal());
}
Also used : Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Example 35 with Privilege

Use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

Class ACLTest, method testNewEntriesAppendedAtEnd.

@Test
public void testNewEntriesAppendedAtEnd() throws Exception {
    Privilege[] readPriv = privilegesFromNames(JCR_READ);
    Privilege[] writePriv = privilegesFromNames(JCR_WRITE);
    acl.addEntry(testPrincipal, readPriv, true);
    acl.addEntry(principalManager.getEveryone(), readPriv, true);
    acl.addEntry(testPrincipal, writePriv, false);
    AccessControlEntry[] entries = acl.getAccessControlEntries();
    assertEquals(3, entries.length);
    JackrabbitAccessControlEntry last = (JackrabbitAccessControlEntry) entries[2];
    assertEquals(testPrincipal, last.getPrincipal());
    assertACE(last, false, writePriv);
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Test(org.junit.Test)
