Example 11 with JackrabbitWorkspace
use of org.apache.jackrabbit.api.JackrabbitWorkspace in project jackrabbit by apache.
the class AbstractRepositoryOperationTest method testRegisterPrivilegeWithPrivilege.
public void testRegisterPrivilegeWithPrivilege() throws Exception {
assertDefaultPrivileges(PrivilegeRegistry.REP_PRIVILEGE_MANAGEMENT_NAME);
assertPermission(Permission.PRIVILEGE_MNGMT, false);
modifyPrivileges(null, PrivilegeRegistry.REP_PRIVILEGE_MANAGEMENT_NAME.toString(), true);
assertPrivilege(PrivilegeRegistry.REP_PRIVILEGE_MANAGEMENT_NAME, true);
assertPermission(Permission.PRIVILEGE_MNGMT, true);
try {
Workspace testWsp = getTestWorkspace();
((JackrabbitWorkspace) testWsp).getPrivilegeManager().registerPrivilege(getNewPrivilegeName(testWsp), false, new String[0]);
} finally {
modifyPrivileges(null, PrivilegeRegistry.REP_PRIVILEGE_MANAGEMENT_NAME.toString(), false);
}
assertPrivilege(PrivilegeRegistry.REP_PRIVILEGE_MANAGEMENT_NAME, false);
assertPermission(Permission.PRIVILEGE_MNGMT, false);
}
Also used :
JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace)
Workspace(javax.jcr.Workspace)
Example 12 with JackrabbitWorkspace
use of org.apache.jackrabbit.api.JackrabbitWorkspace in project jackrabbit by apache.
the class AbstractRepositoryOperationTest method testRegisterPrivilege.
public void testRegisterPrivilege() throws Exception {
assertDefaultPrivileges(PrivilegeRegistry.REP_PRIVILEGE_MANAGEMENT_NAME);
assertPermission(Permission.PRIVILEGE_MNGMT, false);
try {
Workspace testWsp = getTestWorkspace();
((JackrabbitWorkspace) testWsp).getPrivilegeManager().registerPrivilege(getNewPrivilegeName(testWsp), false, new String[0]);
fail("Privilege registration should be denied.");
} catch (AccessDeniedException e) {
// success
}
}
Also used :
AccessDeniedException(javax.jcr.AccessDeniedException)
JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace)
Workspace(javax.jcr.Workspace)
Example 13 with JackrabbitWorkspace
use of org.apache.jackrabbit.api.JackrabbitWorkspace in project jackrabbit-oak by apache.
the class PrivilegeUpgradeTest method verifyPrivileges.
@Test
public void verifyPrivileges() throws RepositoryException {
Set<String> nonAggregatePrivileges = newHashSet(REP_READ_NODES, REP_READ_PROPERTIES, REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES, JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE, JCR_READ_ACCESS_CONTROL, JCR_MODIFY_ACCESS_CONTROL, JCR_NODE_TYPE_MANAGEMENT, JCR_VERSION_MANAGEMENT, JCR_LOCK_MANAGEMENT, JCR_LIFECYCLE_MANAGEMENT, JCR_RETENTION_MANAGEMENT, JCR_WORKSPACE_MANAGEMENT, JCR_NODE_TYPE_DEFINITION_MANAGEMENT, JCR_NAMESPACE_MANAGEMENT, REP_PRIVILEGE_MANAGEMENT, REP_USER_MANAGEMENT, REP_INDEX_DEFINITION_MANAGEMENT, "test:privilege", "test:privilege2");
Map<String, Set<String>> aggregatePrivileges = Maps.newHashMap();
aggregatePrivileges.put(JCR_READ, ImmutableSet.of(REP_READ_NODES, REP_READ_PROPERTIES));
aggregatePrivileges.put(JCR_MODIFY_PROPERTIES, ImmutableSet.of(REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES));
aggregatePrivileges.put(JCR_WRITE, ImmutableSet.of(JCR_MODIFY_PROPERTIES, REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES, JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE));
aggregatePrivileges.put(REP_WRITE, ImmutableSet.of(JCR_WRITE, JCR_MODIFY_PROPERTIES, REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES, JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE, JCR_NODE_TYPE_MANAGEMENT));
aggregatePrivileges.put(JCR_ALL, ImmutableSet.of(REP_READ_NODES, REP_READ_PROPERTIES, REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES, JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE, JCR_READ_ACCESS_CONTROL, JCR_MODIFY_ACCESS_CONTROL, JCR_NODE_TYPE_MANAGEMENT, JCR_VERSION_MANAGEMENT, JCR_LOCK_MANAGEMENT, JCR_LIFECYCLE_MANAGEMENT, JCR_RETENTION_MANAGEMENT, JCR_WORKSPACE_MANAGEMENT, JCR_NODE_TYPE_DEFINITION_MANAGEMENT, JCR_NAMESPACE_MANAGEMENT, REP_PRIVILEGE_MANAGEMENT, REP_USER_MANAGEMENT, REP_INDEX_DEFINITION_MANAGEMENT, JCR_READ, JCR_MODIFY_PROPERTIES, JCR_WRITE, REP_WRITE, "test:privilege", "test:privilege2", "test:aggregate", "test:aggregate2"));
aggregatePrivileges.put("test:aggregate", ImmutableSet.of(JCR_READ, REP_READ_NODES, REP_READ_PROPERTIES, "test:privilege"));
aggregatePrivileges.put("test:aggregate2", ImmutableSet.of(JCR_READ, REP_READ_NODES, REP_READ_PROPERTIES, "test:privilege", "test:privilege2", "test:aggregate"));
JackrabbitSession session = createAdminSession();
try {
JackrabbitWorkspace workspace = (JackrabbitWorkspace) session.getWorkspace();
PrivilegeManager manager = workspace.getPrivilegeManager();
Privilege[] privileges = manager.getRegisteredPrivileges();
for (Privilege privilege : privileges) {
if (privilege.isAggregate()) {
Set<String> expected = aggregatePrivileges.remove(privilege.getName());
if (expected != null) {
String[] actual = getNames(privilege.getAggregatePrivileges());
assertTrue("Miss match in aggregate privilege " + privilege.getName() + " expected " + expected + " actual " + Arrays.toString(actual), newHashSet(expected).equals(newHashSet(actual)));
}
} else {
nonAggregatePrivileges.remove(privilege.getName());
}
}
assertTrue("Missing non aggregate privileges: " + nonAggregatePrivileges, nonAggregatePrivileges.isEmpty());
assertTrue("Missing aggregate privileges: " + aggregatePrivileges.keySet(), aggregatePrivileges.isEmpty());
} finally {
session.logout();
}
}
Also used :
Sets.newHashSet(com.google.common.collect.Sets.newHashSet)
ImmutableSet(com.google.common.collect.ImmutableSet)
Set(java.util.Set)
PrivilegeManager(org.apache.jackrabbit.api.security.authorization.PrivilegeManager)
JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Privilege(javax.jcr.security.Privilege)
Test(org.junit.Test)
Example 14 with JackrabbitWorkspace
use of org.apache.jackrabbit.api.JackrabbitWorkspace in project jackrabbit-oak by apache.
the class PrivilegeUpgradeTest method createSourceContent.
@Override
protected void createSourceContent(Session session) throws Exception {
JackrabbitWorkspace workspace = (JackrabbitWorkspace) session.getWorkspace();
NamespaceRegistry registry = workspace.getNamespaceRegistry();
registry.registerNamespace("test", "http://www.example.org/");
PrivilegeManager privilegeManager = workspace.getPrivilegeManager();
privilegeManager.registerPrivilege("test:privilege", false, null);
privilegeManager.registerPrivilege("test:aggregate", false, new String[] { "jcr:read", "test:privilege" });
privilegeManager.registerPrivilege("test:privilege2", true, null);
privilegeManager.registerPrivilege("test:aggregate2", true, new String[] { "test:aggregate", "test:privilege2" });
}
Also used :
NamespaceRegistry(javax.jcr.NamespaceRegistry)
PrivilegeManager(org.apache.jackrabbit.api.security.authorization.PrivilegeManager)
JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace)
Example 15 with JackrabbitWorkspace
use of org.apache.jackrabbit.api.JackrabbitWorkspace in project jackrabbit-oak by apache.
the class RepositorySidegradeTest method createSourceContent.
@SuppressWarnings("unchecked")
protected NodeStore createSourceContent() throws Exception {
NodeStore source = SegmentNodeStoreBuilders.builder(new MemoryStore()).build();
Repository repository = new Jcr(new Oak(source)).createRepository();
Session session = repository.login(CREDENTIALS);
try {
JackrabbitWorkspace workspace = (JackrabbitWorkspace) session.getWorkspace();
NamespaceRegistry registry = workspace.getNamespaceRegistry();
registry.registerNamespace("test", "http://www.example.org/");
NodeTypeManager nodeTypeManager = workspace.getNodeTypeManager();
NodeTypeTemplate template = nodeTypeManager.createNodeTypeTemplate();
template.setName("test:unstructured");
template.setDeclaredSuperTypeNames(new String[] { "nt:unstructured" });
PropertyDefinitionTemplate pDef1 = nodeTypeManager.createPropertyDefinitionTemplate();
pDef1.setName("defaultString");
pDef1.setRequiredType(PropertyType.STRING);
Value stringValue = session.getValueFactory().createValue("stringValue");
pDef1.setDefaultValues(new Value[] { stringValue });
template.getPropertyDefinitionTemplates().add(pDef1);
PropertyDefinitionTemplate pDef2 = nodeTypeManager.createPropertyDefinitionTemplate();
pDef2.setName("defaultPath");
pDef2.setRequiredType(PropertyType.PATH);
Value pathValue = session.getValueFactory().createValue("/jcr:path/nt:value", PropertyType.PATH);
pDef2.setDefaultValues(new Value[] { pathValue });
template.getPropertyDefinitionTemplates().add(pDef2);
nodeTypeManager.registerNodeType(template, false);
template = nodeTypeManager.createNodeTypeTemplate();
template.setName("test:referenceable");
template.setDeclaredSuperTypeNames(new String[] { "nt:unstructured", "mix:referenceable" });
nodeTypeManager.registerNodeType(template, false);
Node root = session.getRootNode();
Node referenceable = root.addNode("referenceable", "test:unstructured");
referenceable.addMixin(NodeType.MIX_REFERENCEABLE);
Node versionable = root.addNode("versionable", NT_UNSTRUCTURED);
versionable.addMixin(MIX_VERSIONABLE);
Node child = versionable.addNode("child", "test:referenceable");
child.addNode("child2", NT_UNSTRUCTURED);
session.save();
session.getWorkspace().getVersionManager().checkin("/versionable");
Node properties = root.addNode("properties", "test:unstructured");
properties.setProperty("boolean", true);
Binary binary = session.getValueFactory().createBinary(new ByteArrayInputStream(BINARY));
try {
properties.setProperty("binary", binary);
} finally {
binary.dispose();
}
properties.setProperty("date", DATE);
properties.setProperty("decimal", new BigDecimal(123));
properties.setProperty("double", Math.PI);
properties.setProperty("long", 9876543210L);
properties.setProperty("reference", referenceable);
properties.setProperty("weak_reference", session.getValueFactory().createValue(referenceable, true));
properties.setProperty("mv_reference", new Value[] { session.getValueFactory().createValue(versionable, false) });
properties.setProperty("mv_weak_reference", new Value[] { session.getValueFactory().createValue(versionable, true) });
properties.setProperty("string", "test");
properties.setProperty("multiple", "a,b,c".split(","));
session.save();
binary = properties.getProperty("binary").getBinary();
try {
InputStream stream = binary.getStream();
try {
for (byte aBINARY : BINARY) {
assertEquals(aBINARY, (byte) stream.read());
}
assertEquals(-1, stream.read());
} finally {
stream.close();
}
} finally {
binary.dispose();
}
return source;
} finally {
session.logout();
}
}
Also used :
NodeTypeManager(javax.jcr.nodetype.NodeTypeManager)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
Node(javax.jcr.Node)
JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace)
BigDecimal(java.math.BigDecimal)
MemoryStore(org.apache.jackrabbit.oak.segment.memory.MemoryStore)
Repository(javax.jcr.Repository)
NodeStore(org.apache.jackrabbit.oak.spi.state.NodeStore)
NamespaceRegistry(javax.jcr.NamespaceRegistry)
NodeTypeTemplate(javax.jcr.nodetype.NodeTypeTemplate)
PropertyDefinitionTemplate(javax.jcr.nodetype.PropertyDefinitionTemplate)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Jcr(org.apache.jackrabbit.oak.jcr.Jcr)
Oak(org.apache.jackrabbit.oak.Oak)
Value(javax.jcr.Value)
Binary(javax.jcr.Binary)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Aggregations
JackrabbitWorkspace (org.apache.jackrabbit.api.JackrabbitWorkspace)17
PrivilegeManager (org.apache.jackrabbit.api.security.authorization.PrivilegeManager)7
Workspace (javax.jcr.Workspace)5
NamespaceRegistry (javax.jcr.NamespaceRegistry)4
Node (javax.jcr.Node)4
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)4
Test (org.junit.Test)4
ByteArrayInputStream (java.io.ByteArrayInputStream)3
InputStream (java.io.InputStream)3
Privilege (javax.jcr.security.Privilege)3
BigDecimal (java.math.BigDecimal)2
AccessDeniedException (javax.jcr.AccessDeniedException)2
Binary (javax.jcr.Binary)2
Session (javax.jcr.Session)2
Value (javax.jcr.Value)2
NodeTypeManager (javax.jcr.nodetype.NodeTypeManager)2
NodeTypeTemplate (javax.jcr.nodetype.NodeTypeTemplate)2
PropertyDefinitionTemplate (javax.jcr.nodetype.PropertyDefinitionTemplate)2
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)2
Name (org.apache.jackrabbit.spi.Name)2
