Search in sources :

Example 76 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class GetNodeContentCommand method execute.

@Override
public Result<ResourceProxy> execute() {
    GetMethod get = new GetMethod(getPath());
    try {
        httpClient.getParams().setAuthenticationPreemptive(true);
        Credentials defaultcreds = new UsernamePasswordCredentials(repositoryInfo.getUsername(), repositoryInfo.getPassword());
        httpClient.getState().setCredentials(new AuthScope(repositoryInfo.getHost(), repositoryInfo.getPort(), AuthScope.ANY_REALM), defaultcreds);
        int responseStatus = httpClient.executeMethod(get);
        // return EncodingUtil.getString(rawdata, m.getResponseCharSet());
        if (!isSuccessStatus(responseStatus))
            return failureResultForStatusCode(responseStatus);
        ResourceProxy resource = new ResourceProxy(path);
        try (JsonReader jsonReader = new JsonReader(new InputStreamReader(get.getResponseBodyAsStream(), get.getResponseCharSet()))) {
            jsonReader.beginObject();
            while (jsonReader.hasNext()) {
                String name = jsonReader.nextName();
                JsonToken token = jsonReader.peek();
                if (token == JsonToken.STRING) {
                    resource.addProperty(name, jsonReader.nextString());
                } else {
                    jsonReader.skipValue();
                }
            }
            jsonReader.endObject();
        }
        return AbstractResult.success(resource);
    } catch (Exception e) {
        return AbstractResult.failure(new RepositoryException(e));
    } finally {
        get.releaseConnection();
    }
}
Also used : InputStreamReader(java.io.InputStreamReader) GetMethod(org.apache.commons.httpclient.methods.GetMethod) AuthScope(org.apache.commons.httpclient.auth.AuthScope) JsonReader(com.google.gson.stream.JsonReader) JsonToken(com.google.gson.stream.JsonToken) RepositoryException(org.apache.sling.ide.transport.RepositoryException) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) ResourceProxy(org.apache.sling.ide.transport.ResourceProxy) RepositoryException(org.apache.sling.ide.transport.RepositoryException) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)

Example 77 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class UpdateContentCommand method execute.

@Override
public Result<Void> execute() {
    PostMethod post = new PostMethod(getPath());
    try {
        List<Part> parts = new ArrayList<>();
        for (Map.Entry<String, Object> property : properties.entrySet()) {
            if (ProtectedNodes.exists(property.getKey())) {
                continue;
            }
            Object propValue = property.getValue();
            if (propValue instanceof String) {
                parts.add(new StringPart(property.getKey(), (String) propValue));
            } else if (property != null) {
                // TODO handle multi-valued properties
                System.err.println("Unable to handle property " + property.getKey() + " of type " + property.getValue().getClass());
            }
        }
        File f = new File(fileInfo.getLocation());
        if (f.isFile()) {
            parts.add(new FilePart(fileInfo.getName(), f));
        }
        post.setRequestEntity(new MultipartRequestEntity(parts.toArray(new Part[parts.size()]), post.getParams()));
        httpClient.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(repositoryInfo.getUsername(), repositoryInfo.getPassword()));
        httpClient.getParams().setAuthenticationPreemptive(true);
        int responseStatus = httpClient.executeMethod(post);
        return resultForResponseStatus(responseStatus);
    } catch (Exception e) {
        return AbstractResult.failure(new RepositoryException(e));
    } finally {
        post.releaseConnection();
    }
}
Also used : PostMethod(org.apache.commons.httpclient.methods.PostMethod) ArrayList(java.util.ArrayList) StringPart(org.apache.commons.httpclient.methods.multipart.StringPart) RepositoryException(org.apache.sling.ide.transport.RepositoryException) MultipartRequestEntity(org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity) FilePart(org.apache.commons.httpclient.methods.multipart.FilePart) RepositoryException(org.apache.sling.ide.transport.RepositoryException) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) StringPart(org.apache.commons.httpclient.methods.multipart.StringPart) FilePart(org.apache.commons.httpclient.methods.multipart.FilePart) Part(org.apache.commons.httpclient.methods.multipart.Part) Map(java.util.Map) File(java.io.File)

Example 78 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class AccessPrivilegesInfoTest method testDeniedWriteForGroup.

/*
	 * group testuser granted read / denied write
	 */
@Test
public void testDeniedWriteForGroup() throws IOException, JsonException {
    testGroupId = H.createTestGroup();
    testUserId = H.createTestUser();
    testFolderUrl = H.createTestFolder();
    Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");
    //add testUserId to testGroup
    String groupPostUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".update.html";
    List<NameValuePair> groupPostParams = new ArrayList<NameValuePair>();
    groupPostParams.add(new NameValuePair(":member", testUserId));
    H.assertAuthenticatedPostStatus(adminCreds, groupPostUrl, HttpServletResponse.SC_OK, groupPostParams, null);
    //assign some privileges
    String postUrl = testFolderUrl + ".modifyAce.html";
    List<NameValuePair> postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testGroupId));
    postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:write", "denied"));
    H.assertAuthenticatedPostStatus(adminCreds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    String getUrl = testFolderUrl + ".privileges-info.json";
    //fetch the JSON for the test page to verify the settings.
    Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");
    String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObj = JsonUtil.parseObject(json);
    assertEquals(false, jsonObj.getBoolean("canAddChildren"));
    assertEquals(false, jsonObj.getBoolean("canDeleteChildren"));
    assertEquals(false, jsonObj.getBoolean("canDelete"));
    assertEquals(false, jsonObj.getBoolean("canModifyProperties"));
    assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
    assertEquals(false, jsonObj.getBoolean("canModifyAccessControl"));
}
Also used : NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 79 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class AccessPrivilegesInfoTest method testDeniedWriteForUser.

/*
	 * testuser granted read / denied write
	 */
@Test
public void testDeniedWriteForUser() throws IOException, JsonException {
    testUserId = H.createTestUser();
    testFolderUrl = H.createTestFolder();
    //assign some privileges
    String postUrl = testFolderUrl + ".modifyAce.html";
    List<NameValuePair> postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:write", "denied"));
    Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");
    H.assertAuthenticatedPostStatus(adminCreds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    String getUrl = testFolderUrl + ".privileges-info.json";
    //fetch the JSON for the test page to verify the settings.
    Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");
    String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObj = JsonUtil.parseObject(json);
    assertEquals(false, jsonObj.getBoolean("canAddChildren"));
    assertEquals(false, jsonObj.getBoolean("canDeleteChildren"));
    assertEquals(false, jsonObj.getBoolean("canDelete"));
    assertEquals(false, jsonObj.getBoolean("canModifyProperties"));
    assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
    assertEquals(false, jsonObj.getBoolean("canModifyAccessControl"));
}
Also used : NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 80 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class AccessPrivilegesInfoTest method testGrantedWriteForUser.

/*
	 * testuser granted read / granted write
	 */
@Test
public void testGrantedWriteForUser() throws IOException, JsonException {
    testUserId = H.createTestUser();
    testFolderUrl = H.createTestFolder();
    //assign some privileges
    String postUrl = testFolderUrl + ".modifyAce.html";
    List<NameValuePair> postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:write", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:readAccessControl", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:modifyAccessControl", "granted"));
    Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");
    H.assertAuthenticatedPostStatus(adminCreds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    String getUrl = testFolderUrl + ".privileges-info.json";
    //fetch the JSON for the test page to verify the settings.
    Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");
    String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObj = JsonUtil.parseObject(json);
    assertEquals(true, jsonObj.getBoolean("canAddChildren"));
    assertEquals(true, jsonObj.getBoolean("canDeleteChildren"));
    //the parent node must also have jcr:removeChildren granted for 'canDelete' to be true
    assertEquals(false, jsonObj.getBoolean("canDelete"));
    assertEquals(true, jsonObj.getBoolean("canModifyProperties"));
    assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
    assertEquals(true, jsonObj.getBoolean("canModifyAccessControl"));
    //add a child node to verify the 'canDelete' use case
    String childFolderUrl = H.getTestClient().createNode(testFolderUrl + "/testFolder" + random.nextInt() + SlingPostConstants.DEFAULT_CREATE_SUFFIX, null);
    String childPostUrl = childFolderUrl + ".modifyAce.html";
    postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:read", "granted"));
    postParams.add(new NameValuePair("privilege@jcr:removeNode", "granted"));
    H.assertAuthenticatedPostStatus(adminCreds, childPostUrl, HttpServletResponse.SC_OK, postParams, null);
    String childGetUrl = childFolderUrl + ".privileges-info.json";
    String childJson = H.getAuthenticatedContent(testUserCreds, childGetUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(childJson);
    JsonObject childJsonObj = JsonUtil.parseObject(childJson);
    assertEquals(true, childJsonObj.getBoolean("canDelete"));
}
Also used : NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Aggregations

UsernamePasswordCredentials (org.apache.commons.httpclient.UsernamePasswordCredentials)113 Credentials (org.apache.commons.httpclient.Credentials)97 ArrayList (java.util.ArrayList)65 NameValuePair (org.apache.commons.httpclient.NameValuePair)61 JsonObject (javax.json.JsonObject)52 HttpTest (org.apache.sling.commons.testing.integration.HttpTest)51 Test (org.junit.Test)51 JsonArray (javax.json.JsonArray)19 HttpClient (org.apache.commons.httpclient.HttpClient)19 AuthScope (org.apache.commons.httpclient.auth.AuthScope)17 HashSet (java.util.HashSet)14 GetMethod (org.apache.commons.httpclient.methods.GetMethod)14 HttpException (org.apache.commons.httpclient.HttpException)9 IOException (java.io.IOException)8 HttpMethod (org.apache.commons.httpclient.HttpMethod)8 HttpState (org.apache.commons.httpclient.HttpState)6 PostMethod (org.apache.commons.httpclient.methods.PostMethod)6 URL (java.net.URL)5 RepositoryException (org.apache.sling.ide.transport.RepositoryException)5 Header (org.apache.commons.httpclient.Header)4