
Example 16 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.

the class ACLTest method testRemoveInvalidEntry.

/**
 * Verifies that {@code acl} rejects the removal of an entry it does not know.
 *
 * <p>The entry passed in is a hand-written {@link JackrabbitAccessControlEntry}: a deny
 * entry without restrictions that reports {@code testPrincipal} and {@code testPrivileges}.
 * The call must end in an {@link AccessControlException}; a list that silently accepted
 * such an entry would let a caller-supplied object influence which entries get dropped.
 */
@Test
public void testRemoveInvalidEntry() throws Exception {
    // Stand-in entry built by the test itself rather than obtained from acl.
    JackrabbitAccessControlEntry unknownEntry = new JackrabbitAccessControlEntry() {

        public boolean isAllow() {
            return false;
        }

        public String[] getRestrictionNames() {
            return new String[0];
        }

        public Value getRestriction(String restrictionName) {
            return null;
        }

        public Value[] getRestrictions(String restrictionName) {
            return null;
        }

        public Principal getPrincipal() {
            return testPrincipal;
        }

        public Privilege[] getPrivileges() {
            return testPrivileges;
        }
    };

    try {
        acl.removeAccessControlEntry(unknownEntry);
    } catch (AccessControlException expected) {
        // Rejection is the outcome under test.
        return;
    }
    fail("Passing an unknown ACE should fail");
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) Value(javax.jcr.Value) AccessControlException(javax.jcr.security.AccessControlException) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Example 17 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.

the class ACLTest method testUpdateGroupEntry.

/**
 * Checks that a further allow entry for a principal is merged into that principal's
 * existing allow entry instead of being appended as a separate one.
 *
 * <p>Four {@code addEntry} calls are made (allow read for {@code testPrincipal}, allow read
 * for everyone, deny write for {@code testPrincipal}, allow write for everyone). The test
 * expects three entries afterwards, with the entry at index 1 being the allow entry for
 * everyone carrying both JCR_READ and JCR_WRITE.
 */
@Test
public void testUpdateGroupEntry() throws Exception {
    Privilege[] read = privilegesFromNames(JCR_READ);
    Privilege[] write = privilegesFromNames(JCR_WRITE);
    Principal everyonePrincipal = principalManager.getEveryone();

    acl.addEntry(testPrincipal, read, true);
    acl.addEntry(everyonePrincipal, read, true);
    acl.addEntry(testPrincipal, write, false);
    // Same principal and same allow flag as the second call: expected to update that
    // entry, which is why the list is asserted to hold three entries and not four.
    acl.addEntry(everyonePrincipal, write, true);

    // NOTE(review): the count of 3 assumes acl holds no entries before this test - confirm in setup.
    AccessControlEntry[] aces = acl.getAccessControlEntries();
    assertEquals(3, aces.length);

    JackrabbitAccessControlEntry mergedAllow = (JackrabbitAccessControlEntry) aces[1];
    assertEquals(everyonePrincipal, mergedAllow.getPrincipal());
    Privilege[] readAndWrite = privilegesFromNames(JCR_READ, JCR_WRITE);
    assertACE(mergedAllow, true, readAndWrite);
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Example 18 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.

the class ACLTest method testMvRestrictions.

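/**
 * Exercises an entry that carries both a single-valued and a multi-valued restriction.
 *
 * <p>A deny entry for {@code testPrincipal} is added with REP_GLOB set to {@code "/.*"} and
 * REP_NT_NAMES set to two NAME values (NT_FILE, NT_FOLDER). The test asserts that:
 * <ul>
 *   <li>the first {@code addEntry} reports a modification and an identical second call
 *       does not, leaving exactly one entry in the list;</li>
 *   <li>reading the multi-valued restriction through the single-value accessor
 *       {@code getRestriction} throws {@link ValueFormatException};</li>
 *   <li>{@code getRestrictions} returns the values that were passed in.</li>
 * </ul>
 */
@Test
public void testMvRestrictions() throws Exception {
    ValueFactory vf = getValueFactory();
    Value[] vs = new Value[] { vf.createValue(JcrConstants.NT_FILE, PropertyType.NAME), vf.createValue(JcrConstants.NT_FOLDER, PropertyType.NAME) };
    Map<String, Value[]> mvRestrictions = Collections.singletonMap(REP_NT_NAMES, vs);
    Map<String, Value> restrictions = Collections.singletonMap(REP_GLOB, vf.createValue("/.*"));
    assertTrue(acl.addEntry(testPrincipal, testPrivileges, false, restrictions, mvRestrictions));
    // Re-adding the identical entry must be reported as "nothing changed".
    assertFalse(acl.addEntry(testPrincipal, testPrivileges, false, restrictions, mvRestrictions));
    assertEquals(1, acl.getAccessControlEntries().length);
    JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) acl.getAccessControlEntries()[0];
    try {
        ace.getRestriction(REP_NT_NAMES);
        // A message makes a regression readable in the report; the bare fail() gave none.
        fail("getRestriction on a multi-valued restriction should throw ValueFormatException");
    } catch (ValueFormatException e) {
        // success: the single-value accessor refused to collapse two values into one
    }
    Value[] vvs = ace.getRestrictions(REP_NT_NAMES);
    assertArrayEquals(vs, vvs);
}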
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) Value(javax.jcr.Value) ValueFormatException(javax.jcr.ValueFormatException) ValueFactory(javax.jcr.ValueFactory) Test(org.junit.Test)

Example 19 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.

the class ACLTest method testAllowWriteDenyRemoveGroupEntries.

/**
 * Checks how an allow of REP_WRITE and a later deny of JCR_REMOVE_CHILD_NODES for the
 * everyone principal are reflected in the resulting entries.
 *
 * <p>After both {@code addEntry} calls the privileges of all entries for everyone are
 * collected per allow/deny side. The allow side must consist of exactly
 * JCR_ADD_CHILD_NODES, JCR_REMOVE_NODE, JCR_MODIFY_PROPERTIES and
 * JCR_NODE_TYPE_MANAGEMENT, and the deny side of exactly JCR_REMOVE_CHILD_NODES, so the
 * denied privilege may not remain granted by the earlier allow.
 */
@Test
public void testAllowWriteDenyRemoveGroupEntries() throws Exception {
    Principal everyone = principalManager.getEveryone();
    Privilege[] granted = privilegesFromNames(REP_WRITE);
    Privilege[] denied = privilegesFromNames(JCR_REMOVE_CHILD_NODES);
    acl.addEntry(everyone, granted, true, Collections.<String, Value>emptyMap());
    acl.addEntry(everyone, denied, false, Collections.<String, Value>emptyMap());

    Set<Privilege> allowedPrivileges = new HashSet<Privilege>();
    Set<Privilege> deniedPrivileges = new HashSet<Privilege>();
    for (AccessControlEntry candidate : acl.getAccessControlEntries()) {
        // Only entries of the everyone principal that expose the Jackrabbit API are inspected.
        if (!everyone.equals(candidate.getPrincipal()) || !(candidate instanceof JackrabbitAccessControlEntry)) {
            continue;
        }
        JackrabbitAccessControlEntry jrEntry = (JackrabbitAccessControlEntry) candidate;
        Privilege[] entryPrivileges = jrEntry.getPrivileges();
        Set<Privilege> bucket = jrEntry.isAllow() ? allowedPrivileges : deniedPrivileges;
        bucket.addAll(Arrays.asList(entryPrivileges));
    }

    Privilege[] expectedAllows = privilegesFromNames(JCR_ADD_CHILD_NODES, JCR_REMOVE_NODE, JCR_MODIFY_PROPERTIES, JCR_NODE_TYPE_MANAGEMENT);
    assertEquals(expectedAllows.length, allowedPrivileges.size());
    assertEquals(ImmutableSet.copyOf(expectedAllows), allowedPrivileges);
    // Exactly one privilege may be denied, and it must be the one passed to the deny call.
    assertEquals(1, deniedPrivileges.size());
    assertArrayEquals(privilegesFromNames(JCR_REMOVE_CHILD_NODES), deniedPrivileges.toArray(new Privilege[deniedPrivileges.size()]));
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 20 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class JackrabbitAccessControlListTest method testAllowWriteDenyRemove.

/**
 * Checks how an allow of REP_WRITE followed by a deny of JCR_REMOVE_CHILD_NODES for one
 * principal shows up in the entries of {@code templ}.
 *
 * <p>The privileges of every entry for that principal are gathered per allow/deny side.
 * The allow side must hold exactly the four privileges JCR_ADD_CHILD_NODES,
 * JCR_REMOVE_NODE, JCR_MODIFY_PROPERTIES and JCR_NODE_TYPE_MANAGEMENT; the deny side
 * must hold only JCR_REMOVE_CHILD_NODES.
 *
 * @throws NotExecutableException declared by the test; presumably raised when no valid
 *         principal is available - confirm against {@code getValidPrincipal}
 * @throws RepositoryException if a repository call made by the test fails
 */
public void testAllowWriteDenyRemove() throws NotExecutableException, RepositoryException {
    Principal princ = getValidPrincipal();
    Privilege[] granted = privilegesFromName(PrivilegeRegistry.REP_WRITE);
    Privilege[] denied = privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES);
    templ.addEntry(princ, granted, true, Collections.<String, Value>emptyMap());
    templ.addEntry(princ, denied, false, Collections.<String, Value>emptyMap());

    Set<Privilege> allowedPrivileges = new HashSet<Privilege>();
    Set<Privilege> deniedPrivileges = new HashSet<Privilege>();
    for (AccessControlEntry candidate : templ.getAccessControlEntries()) {
        // Entries of other principals, or ones without the Jackrabbit API, are ignored.
        if (!princ.equals(candidate.getPrincipal()) || !(candidate instanceof JackrabbitAccessControlEntry)) {
            continue;
        }
        JackrabbitAccessControlEntry jrEntry = (JackrabbitAccessControlEntry) candidate;
        Privilege[] entryPrivileges = jrEntry.getPrivileges();
        Set<Privilege> bucket = jrEntry.isAllow() ? allowedPrivileges : deniedPrivileges;
        bucket.addAll(Arrays.asList(entryPrivileges));
    }

    String[] expectedAllowNames = new String[] { Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_NODE, Privilege.JCR_MODIFY_PROPERTIES, Privilege.JCR_NODE_TYPE_MANAGEMENT };
    // Equal size plus membership of every expected name pins the allow side exactly.
    assertEquals(expectedAllowNames.length, allowedPrivileges.size());
    for (String privilegeName : expectedAllowNames) {
        assertTrue(allowedPrivileges.contains(acMgr.privilegeFromName(privilegeName)));
    }
    assertEquals(1, deniedPrivileges.size());
    assertEquals(acMgr.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES), deniedPrivileges.iterator().next());
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) HashSet(java.util.HashSet)
