Search in sources :

Example 56 with JackrabbitSession

use of org.apache.jackrabbit.api.JackrabbitSession in project sling by apache.

the class ResourceTypeResolutionIT method checkResourceType.

@Test
public void checkResourceType() throws Exception {
    JackrabbitSession adminSession = (JackrabbitSession) slingRepository.loginAdministrative(null);
    Node contentBar = JcrUtils.getOrCreateByPath("/content/foo/bar", "nt:unstructured", adminSession);
    contentBar.setProperty("sling:resourceType", "types/foo/bar");
    Node appsBar = JcrUtils.getOrCreateByPath("/apps/types/foo/bar", "nt:unstructured", adminSession);
    appsBar.setProperty("sling:resourceSuperType", "types/foo/parent");
    JcrUtils.getOrCreateByPath("/apps/types/foo/parent", "nt:unstructured", adminSession);
    adminSession.getUserManager().createUser("test-user", "test");
    adminSession.save();
    AccessControlUtils.allow(contentBar, "test-user", "jcr:read");
    adminSession.save();
    adminSession.logout();
    HashMap<String, Object> authenticationInfo = new HashMap<>();
    authenticationInfo.put(ResourceResolverFactory.USER, "test-user");
    authenticationInfo.put(ResourceResolverFactory.PASSWORD, "test".toCharArray());
    ResourceResolver testResolver = resourceResolverFactory.getResourceResolver(authenticationInfo);
    try {
        Resource resource = testResolver.getResource("/content/foo/bar");
        assertNotNull(resource);
        assertEquals("/content/foo/bar", resource.getPath());
        assertTrue(resource.isResourceType("types/foo/bar"));
        // this assertion causes the private ResourceResolverControl#getResourceTypeResourceResolver
        // to be called, which needs to inject the resourceresolver bundle via the authenticationInfo
        // see SLING-6329
        assertTrue(resource.isResourceType("types/foo/parent"));
    } finally {
        testResolver.close();
    }
}
Also used : HashMap(java.util.HashMap) Node(javax.jcr.Node) ResourceResolver(org.apache.sling.api.resource.ResourceResolver) Resource(org.apache.sling.api.resource.Resource) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Test(org.junit.Test)

Example 57 with JackrabbitSession

use of org.apache.jackrabbit.api.JackrabbitSession in project sling by apache.

the class Init method activate.

@Activate
public void activate() throws Exception {
    try {
        final String defaultAgentUserName = "distribution-agent-user";
        final String serviceUserName = "testDistributionUser";
        final String distributorUserName = "testDistributorUser";
        Session session = slingRepository.login(new SimpleCredentials("admin", "admin".toCharArray()));
        JackrabbitSession jackrabittSession = (JackrabbitSession) session;
        UserManager userManager = jackrabittSession.getUserManager();
        User serviceUser = createOrGetServiceUser(userManager, serviceUserName);
        if (serviceUser != null) {
            AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", serviceUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            AccessControlUtils.addAccessControlEntry(session, "/content", serviceUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            AccessControlUtils.addAccessControlEntry(session, null, serviceUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
        }
        Authorizable distributorUser = createOrGetRegularUser(userManager, distributorUserName);
        JcrUtils.getOrCreateByPath("/content", "sling:Folder", session);
        if (distributorUser != null) {
            AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            AccessControlUtils.addAccessControlEntry(session, "/content", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            AccessControlUtils.addAccessControlEntry(session, "/libs/sling/distribution", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            AccessControlUtils.addAccessControlEntry(session, "/etc/distribution", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            AccessControlUtils.addAccessControlEntry(session, null, distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
        }
        User defaultAgentUser = createOrGetServiceUser(userManager, defaultAgentUserName);
        if (defaultAgentUser != null) {
            AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", defaultAgentUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
            ((User) distributorUser).getImpersonation().grantImpersonation(defaultAgentUser.getPrincipal());
            serviceUser.getImpersonation().grantImpersonation(defaultAgentUser.getPrincipal());
        }
        session.save();
        session.logout();
    } catch (Throwable t) {
        log.error("cannot create user", t);
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Activate(org.apache.felix.scr.annotations.Activate)

Example 58 with JackrabbitSession

use of org.apache.jackrabbit.api.JackrabbitSession in project jackrabbit by apache.

the class TokenBasedLoginTest method testConcurrentLoginDifferentWorkspaces.

/**
     * Tests concurrent login on the Repository including token creation.
     * Test copied and slightly adjusted from org.apache.jackrabbit.core.ConcurrentLoginTest
     */
public void testConcurrentLoginDifferentWorkspaces() throws RepositoryException, NotExecutableException {
    final String testID = testuser.getID();
    // check if test is executable
    // - multiple workspaces must be present
    final List<String> wspNames = Arrays.asList(superuser.getWorkspace().getAccessibleWorkspaceNames());
    if (wspNames.size() <= 1) {
        throw new NotExecutableException();
    }
    // - testuser must be present for all workspaces
    for (String wspName : wspNames) {
        JackrabbitSession s = null;
        try {
            s = (JackrabbitSession) getHelper().getSuperuserSession(wspName);
            if (s.getUserManager().getAuthorizable(testID) == null) {
                throw new NotExecutableException();
            }
        } finally {
            if (s != null) {
                s.logout();
            }
        }
    }
    final Exception[] exception = new Exception[1];
    List<Thread> testRunner = new ArrayList<Thread>();
    for (int i = 0; i < 10; i++) {
        testRunner.add(new Thread(new Runnable() {

            public void run() {
                for (int i = 0; i < 100; i++) {
                    try {
                        double rand = wspNames.size() * Math.random();
                        int index = (int) Math.floor(rand);
                        String wspName = wspNames.get(index);
                        SimpleCredentials sc = new SimpleCredentials(testID, testID.toCharArray());
                        sc.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, "");
                        Session s = getHelper().getRepository().login(sc, wspName);
                        try {
                            Set<TokenCredentials> tcs = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
                            assertFalse(tcs.isEmpty());
                        } finally {
                            s.logout();
                        }
                    } catch (Exception e) {
                        exception[0] = e;
                        break;
                    }
                }
            }
        }));
    }
    // start threads
    for (Object aTestRunner : testRunner) {
        ((Thread) aTestRunner).start();
    }
    // join threads
    for (Object aTestRunner : testRunner) {
        try {
            ((Thread) aTestRunner).join();
        } catch (InterruptedException e) {
            fail(e.toString());
        }
    }
    if (exception[0] != null) {
        fail(exception[0].toString());
    }
}
Also used : ArrayList(java.util.ArrayList) LoginException(javax.jcr.LoginException) RepositoryException(javax.jcr.RepositoryException) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) SimpleCredentials(javax.jcr.SimpleCredentials) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)

Example 59 with JackrabbitSession

use of org.apache.jackrabbit.api.JackrabbitSession in project jackrabbit by apache.

the class TokenBasedLoginTest method setUp.

@Override
protected void setUp() throws Exception {
    super.setUp();
    if (superuser instanceof JackrabbitSession) {
        UserManager umgr = ((JackrabbitSession) superuser).getUserManager();
        String uid = "test";
        while (umgr.getAuthorizable(uid) != null) {
            uid += "_";
        }
        testuser = umgr.createUser(uid, uid);
        Principal p = testuser.getPrincipal();
        if (p instanceof ItemBasedPrincipal) {
            testuserPath = ((ItemBasedPrincipal) p).getPath();
        } else {
            throw new NotExecutableException();
        }
        creds = new SimpleCredentials(uid, uid.toCharArray());
        if (!umgr.isAutoSave()) {
            doSave = true;
            superuser.save();
        }
    } else {
        throw new NotExecutableException();
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Principal(java.security.Principal) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)

Example 60 with JackrabbitSession

use of org.apache.jackrabbit.api.JackrabbitSession in project jackrabbit by apache.

the class GroupImplTest method testEveryoneGroup.

public void testEveryoneGroup() throws RepositoryException, NotExecutableException {
    Group g = null;
    try {
        g = userMgr.createGroup(EveryonePrincipal.NAME);
        save(superuser);
        assertEquals(EveryonePrincipal.NAME, g.getPrincipal().getName());
        assertEquals(EveryonePrincipal.getInstance(), g.getPrincipal());
        assertTrue(g.isDeclaredMember(getTestUser(superuser)));
        assertTrue(g.isMember(getTestUser(superuser)));
        Iterator<Authorizable> it = g.getDeclaredMembers();
        assertTrue(it.hasNext());
        Set<Authorizable> members = new HashSet<Authorizable>();
        while (it.hasNext()) {
            members.add(it.next());
        }
        it = g.getMembers();
        assertTrue(it.hasNext());
        while (it.hasNext()) {
            assertTrue(members.contains(it.next()));
        }
        assertFalse(g.addMember(getTestUser(superuser)));
        assertFalse(g.removeMember(getTestUser(superuser)));
        PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
        Principal everyone = pMgr.getEveryone();
        assertTrue(everyone instanceof ItemBasedPrincipal);
        assertEquals(everyone, EveryonePrincipal.getInstance());
    } finally {
        if (g != null) {
            g.remove();
            save(superuser);
        }
    }
}
Also used : PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager) Group(org.apache.jackrabbit.api.security.user.Group) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) Principal(java.security.Principal) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) HashSet(java.util.HashSet)

Aggregations

JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)114 UserManager (org.apache.jackrabbit.api.security.user.UserManager)51 Session (javax.jcr.Session)50 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)34 Node (javax.jcr.Node)25 Group (org.apache.jackrabbit.api.security.user.Group)25 User (org.apache.jackrabbit.api.security.user.User)24 Principal (java.security.Principal)19 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)17 Test (org.junit.Test)16 SimpleCredentials (javax.jcr.SimpleCredentials)15 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)11 RepositoryException (javax.jcr.RepositoryException)10 PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)9 PrincipalManager (org.apache.jackrabbit.api.security.principal.PrincipalManager)9 Privilege (javax.jcr.security.Privilege)8 LoginException (javax.jcr.LoginException)6 Property (javax.jcr.Property)6 ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)6 Item (javax.jcr.Item)5