Search in sources :

Example 36 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class AbstractEntryTest method testIsAllow.

public void testIsAllow() throws RepositoryException, NotExecutableException {
    JackrabbitAccessControlEntry tmpl = createEntry(new String[] { Privilege.JCR_READ }, true);
    assertTrue(tmpl.isAllow());
    tmpl = createEntry(new String[] { Privilege.JCR_READ }, false);
    assertFalse(tmpl.isAllow());
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)

Example 37 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class AbstractEntryTest method testGetPrivileges.

public void testGetPrivileges() throws RepositoryException, NotExecutableException {
    PrivilegeManagerImpl privMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
    JackrabbitAccessControlEntry entry = createEntry(new String[] { Privilege.JCR_READ }, true);
    Privilege[] privs = entry.getPrivileges();
    assertNotNull(privs);
    assertEquals(1, privs.length);
    assertEquals(privs[0], acMgr.privilegeFromName(Privilege.JCR_READ));
    assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
    entry = createEntry(new String[] { PrivilegeRegistry.REP_WRITE }, true);
    privs = entry.getPrivileges();
    assertNotNull(privs);
    assertEquals(1, privs.length);
    assertEquals(privs[0], acMgr.privilegeFromName(PrivilegeRegistry.REP_WRITE));
    assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
    entry = createEntry(new String[] { Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_CHILD_NODES }, true);
    privs = entry.getPrivileges();
    assertNotNull(privs);
    assertEquals(2, privs.length);
    Privilege[] param = privilegesFromNames(new String[] { Privilege.JCR_ADD_CHILD_NODES, Privilege.JCR_REMOVE_CHILD_NODES });
    assertEquals(Arrays.asList(param), Arrays.asList(privs));
    assertEquals(privMgr.getBits(privs), privMgr.getBits(entry.getPrivileges()));
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) Privilege(javax.jcr.security.Privilege)

Example 38 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class AbstractEntryTest method testGetPrincipal.

public void testGetPrincipal() throws RepositoryException, NotExecutableException {
    JackrabbitAccessControlEntry tmpl = createEntry(new String[] { Privilege.JCR_READ }, true);
    assertNotNull(tmpl.getPrincipal());
    assertEquals(testPrincipal.getName(), tmpl.getPrincipal().getName());
    assertSame(testPrincipal, tmpl.getPrincipal());
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)

Example 39 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit by apache.

the class JsonDiffHandlerImportTest method testAllPolicyNode.

/**
     * Test adding 'rep:policy' policy node as a child node of /testroot without
     * intermediate node.
     */
public void testAllPolicyNode() throws Exception {
    try {
        testRootNode.addMixin("rep:AccessControllable");
        JsonDiffHandler handler = new JsonDiffHandler(superuser, testRoot, null);
        new DiffParser(handler).parse(JSOP_POLICY_TREE);
        assertTrue(testRootNode.hasNode("rep:policy"));
        assertTrue(testRootNode.getNode("rep:policy").getDefinition().isProtected());
        assertTrue(testRootNode.getNode("rep:policy").getPrimaryNodeType().getName().equals("rep:ACL"));
        assertPolicy(acMgr, testRootNode, 1);
        AccessControlEntry entry = ((AccessControlList) acMgr.getPolicies(testRoot)[0]).getAccessControlEntries()[0];
        assertEquals(EveryonePrincipal.NAME, entry.getPrincipal().getName());
        assertEquals(1, entry.getPrivileges().length);
        assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
        if (entry instanceof JackrabbitAccessControlEntry) {
            assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
        }
    } finally {
        superuser.refresh(false);
    }
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry)

Example 40 with JackrabbitAccessControlEntry

use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.

the class EntryTest method testNotEquals.

@Test
public void testNotEquals() throws RepositoryException {
    ACE ace = createEntry(new String[] { PrivilegeConstants.JCR_ALL }, true);
    List<JackrabbitAccessControlEntry> otherAces = new ArrayList<JackrabbitAccessControlEntry>();
    try {
        // ACE template with different principal
        Principal princ = new Principal() {

            public String getName() {
                return "a name";
            }
        };
        Privilege[] privs = new Privilege[] { acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL) };
        otherAces.add(createEntry(princ, privs, true));
    } catch (RepositoryException e) {
    }
    // ACE template with different privileges
    try {
        otherAces.add(createEntry(new String[] { PrivilegeConstants.JCR_READ }, true));
    } catch (RepositoryException e) {
    }
    // ACE template with different 'allow' flag
    try {
        otherAces.add(createEntry(new String[] { PrivilegeConstants.JCR_ALL }, false));
    } catch (RepositoryException e) {
    }
    // ACE template with different privileges and 'allows
    try {
        otherAces.add(createEntry(new String[] { PrivilegeConstants.REP_WRITE }, false));
    } catch (RepositoryException e) {
    }
    // other ace impl
    final Privilege[] privs = new Privilege[] { acMgr.privilegeFromName(PrivilegeConstants.JCR_ALL) };
    JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {

        public boolean isAllow() {
            return true;
        }

        public String[] getRestrictionNames() {
            return new String[0];
        }

        public Value getRestriction(String restrictionName) {
            return null;
        }

        public Value[] getRestrictions(String restrictionName) {
            return null;
        }

        public Principal getPrincipal() {
            return testPrincipal;
        }

        public Privilege[] getPrivileges() {
            return privs;
        }
    };
    otherAces.add(pe);
    for (JackrabbitAccessControlEntry otherAce : otherAces) {
        assertFalse(ace.equals(otherAce));
    }
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) ACE(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ACE) ArrayList(java.util.ArrayList) Value(javax.jcr.Value) RepositoryException(javax.jcr.RepositoryException) Privilege(javax.jcr.security.Privilege) Principal(java.security.Principal) Test(org.junit.Test)

Aggregations

JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)48 AccessControlEntry (javax.jcr.security.AccessControlEntry)30 Privilege (javax.jcr.security.Privilege)25 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)19 Principal (java.security.Principal)16 Value (javax.jcr.Value)14 Test (org.junit.Test)12 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)11 AccessControlManager (javax.jcr.security.AccessControlManager)10 ArrayList (java.util.ArrayList)6 HashMap (java.util.HashMap)6 ByteArrayInputStream (java.io.ByteArrayInputStream)5 InputStream (java.io.InputStream)5 RepositoryException (javax.jcr.RepositoryException)5 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)5 ParsingContentHandler (org.apache.jackrabbit.commons.xml.ParsingContentHandler)5 NodeImpl (org.apache.jackrabbit.core.NodeImpl)5 Node (javax.jcr.Node)4 AccessControlException (javax.jcr.security.AccessControlException)4 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)4