
Example 36 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class ACLTest method testComplementaryGroupEntry.

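/**
 * Verifies that adding an entry complementary to an existing one (same
 * principal and privileges, opposite allow/deny flag) replaces the existing
 * entry instead of leaving a contradictory allow/deny pair in the list.
 *
 * <p>The test also checks that the merged allow entry of the {@code everyone}
 * principal keeps its privileges, so a deny added for one principal cannot
 * silently narrow or widen what another principal was granted.
 *
 * @throws Exception if the privileges cannot be resolved or an entry cannot be added
 */
@Test
public void testComplementaryGroupEntry() throws Exception {
    Privilege[] readPriv = privilegesFromNames(JCR_READ);
    Privilege[] writePriv = privilegesFromNames(JCR_WRITE);
    Principal everyone = principalManager.getEveryone();

    // Initial state: allow-READ and deny-WRITE for the test principal,
    // allow-READ and allow-WRITE for 'everyone'.
    acl.addEntry(testPrincipal, readPriv, true);
    acl.addEntry(everyone, readPriv, true);
    acl.addEntry(testPrincipal, writePriv, false);
    acl.addEntry(everyone, writePriv, true);

    // entry complementary to the first entry
    // -> must remove the allow-READ entry and update the deny-WRITE entry.
    acl.addEntry(testPrincipal, readPriv, false);

    AccessControlEntry[] entries = acl.getAccessControlEntries();
    assertEquals(2, entries.length);

    // With only two entries left, the two allow grants for 'everyone' must
    // have been merged into one entry; it has to stay an allow of READ and
    // WRITE and must not be affected by the deny added for testPrincipal.
    JackrabbitAccessControlEntry first = (JackrabbitAccessControlEntry) entries[0];
    assertEquals(everyone, first.getPrincipal());
    assertACE(first, true, privilegesFromNames(JCR_READ, JCR_WRITE));

    // The test principal ends up with a single deny entry covering both privileges.
    JackrabbitAccessControlEntry second = (JackrabbitAccessControlEntry) entries[1];
    assertEquals(testPrincipal, second.getPrincipal());
    assertACE(second, false, privilegesFromNames(JCR_READ, JCR_WRITE));
}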
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Example 37 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class ACLTest method testReorderToTheEnd.

/**
 * Verifies that {@code orderBefore(entry, null)} moves the given entry to the
 * last position of the access control list.
 *
 * <p>Entry order is checked explicitly because the position of allow and deny
 * entries in the list is part of the policy being tested.
 *
 * @throws Exception if the list cannot be created or modified
 */
@Test
public void testReorderToTheEnd() throws Exception {
    Privilege[] readPrivileges = privilegesFromNames(JCR_READ, JCR_READ_ACCESS_CONTROL);
    Privilege[] writePrivileges = privilegesFromNames(JCR_WRITE);

    // Three entries: allow read / deny write for the test principal,
    // then allow write for 'everyone'.
    AbstractAccessControlList list = createEmptyACL();
    list.addAccessControlEntry(testPrincipal, readPrivileges);
    list.addEntry(testPrincipal, writePrivileges, false);
    list.addAccessControlEntry(EveryonePrincipal.getInstance(), writePrivileges);

    List<? extends JackrabbitAccessControlEntry> before = list.getEntries();
    assertEquals(3, before.size());

    // A null destination moves the entry to the end of the list.
    AccessControlEntry moved = before.get(0);
    list.orderBefore(moved, null);

    List<? extends JackrabbitAccessControlEntry> after = list.getEntries();
    assertEquals(moved, after.get(2));
}
Also used : AbstractAccessControlList(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlList) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Test(org.junit.Test)

Example 38 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class ACLTest method testUpdateGroupEntry.

/**
 * Verifies that adding a second allow entry for a principal that already has
 * an allow entry updates the existing entry instead of appending a new one.
 *
 * @throws Exception if the privileges cannot be resolved or an entry cannot be added
 */
@Test
public void testUpdateGroupEntry() throws Exception {
    Principal everyone = principalManager.getEveryone();
    Privilege[] read = privilegesFromNames(JCR_READ);
    Privilege[] write = privilegesFromNames(JCR_WRITE);

    acl.addEntry(testPrincipal, read, true);
    acl.addEntry(everyone, read, true);
    acl.addEntry(testPrincipal, write, false);

    // adding an entry that should update the existing allow-entry for everyone.
    acl.addEntry(everyone, write, true);

    // Four additions must yield three entries: the last one was merged.
    AccessControlEntry[] aces = acl.getAccessControlEntries();
    assertEquals(3, aces.length);

    // The merged entry keeps its position (index 1) and is now an allow
    // entry covering both READ and WRITE.
    JackrabbitAccessControlEntry everyoneAllow = (JackrabbitAccessControlEntry) aces[1];
    assertEquals(everyone, everyoneAllow.getPrincipal());
    assertACE(everyoneAllow, true, privilegesFromNames(JCR_READ, JCR_WRITE));
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Example 39 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class ACLTest method testAllowWriteDenyRemoveGroupEntries.

/**
 * Verifies how an allow entry for an aggregate privilege is adjusted when one
 * of the privileges it contains is subsequently denied for the same principal.
 *
 * <p>{@code REP_WRITE} is granted to {@code everyone}, then
 * {@code JCR_REMOVE_CHILD_NODES} is denied. The test expects the allowed set
 * to contain exactly the four remaining privileges and the denied set to
 * contain only {@code JCR_REMOVE_CHILD_NODES}, so no privilege is both
 * allowed and denied.
 *
 * @throws Exception if the privileges cannot be resolved or an entry cannot be added
 */
@Test
public void testAllowWriteDenyRemoveGroupEntries() throws Exception {
    Principal everyone = principalManager.getEveryone();
    Privilege[] granted = privilegesFromNames(REP_WRITE);
    Privilege[] denied = privilegesFromNames(JCR_REMOVE_CHILD_NODES);

    acl.addEntry(everyone, granted, true, Collections.<String, Value>emptyMap());
    acl.addEntry(everyone, denied, false, Collections.<String, Value>emptyMap());

    // Collect the effective allow and deny privileges recorded for 'everyone'.
    Set<Privilege> allows = new HashSet<Privilege>();
    Set<Privilege> denies = new HashSet<Privilege>();
    for (AccessControlEntry candidate : acl.getAccessControlEntries()) {
        boolean relevant = everyone.equals(candidate.getPrincipal())
                && candidate instanceof JackrabbitAccessControlEntry;
        if (!relevant) {
            continue;
        }
        JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) candidate;
        Privilege[] privs = ace.getPrivileges();
        Set<Privilege> target = ace.isAllow() ? allows : denies;
        target.addAll(Arrays.asList(privs));
    }

    // The allow side must no longer include the denied privilege.
    Privilege[] expectedAllows = privilegesFromNames(JCR_ADD_CHILD_NODES, JCR_REMOVE_NODE, JCR_MODIFY_PROPERTIES, JCR_NODE_TYPE_MANAGEMENT);
    assertEquals(expectedAllows.length, allows.size());
    assertEquals(ImmutableSet.copyOf(expectedAllows), allows);

    // The deny side holds exactly the one privilege that was denied.
    assertEquals(1, denies.size());
    assertArrayEquals(privilegesFromNames(JCR_REMOVE_CHILD_NODES), denies.toArray(new Privilege[denies.size()]));
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 40 with Privilege

use of javax.jcr.security.Privilege in project jackrabbit-oak by apache.

the class L2_PermissionDiscoveryTest method setUp.

/**
 * Prepares the fixture: creates a property and a child node below the test
 * root, creates a test user, grants that user's principal a small set of
 * privileges, and opens a session for the test user.
 *
 * <p>The test principal is allowed {@code jcr:read} and
 * {@code rep:addProperties} at the test root and {@code jcr:addChildNodes} at
 * the child node.
 *
 * @throws NotExecutableException if either access control entry could not be added
 * @throws Exception if the repository setup fails for any other reason
 */
@Override
protected void setUp() throws Exception {
    super.setUp();

    // Content the test operates on.
    Property property = testRootNode.setProperty(propertyName1, "val");
    propertyPath = property.getPath();
    Node childNode = testRootNode.addNode(nodeName1);
    childPath = childNode.getPath();

    // Non-privileged user whose effective permissions are inspected.
    User testUser = ExerciseUtility.createTestUser(((JackrabbitSession) superuser).getUserManager());
    testPrincipal = testUser.getPrincipal();

    Privilege[] rootPrivileges = AccessControlUtils.privilegesFromNames(superuser, Privilege.JCR_READ, PrivilegeConstants.REP_ADD_PROPERTIES);
    Privilege[] childPrivileges = AccessControlUtils.privilegesFromNames(superuser, Privilege.JCR_ADD_CHILD_NODES);

    // Both grants are required. The child grant is attempted only when the
    // root grant succeeded, and the test is skipped when either one fails.
    boolean rootGranted = AccessControlUtils.addAccessControlEntry(superuser, testRoot, testPrincipal, rootPrivileges, true);
    if (!rootGranted) {
        throw new NotExecutableException();
    }
    boolean childGranted = AccessControlUtils.addAccessControlEntry(superuser, childPath, testPrincipal, childPrivileges, true);
    if (!childGranted) {
        throw new NotExecutableException();
    }

    // Persist content and policies before the test user logs in.
    superuser.save();
    testSession = superuser.getRepository().login(ExerciseUtility.getTestCredentials(testUser.getID()));
}
Also used : User(org.apache.jackrabbit.api.security.user.User) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) Node(javax.jcr.Node) Privilege(javax.jcr.security.Privilege) Property(javax.jcr.Property)
