use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.
the class L7_RestrictionsTest method testRetrieveRestrictionsFromACE.
public void testRetrieveRestrictionsFromACE() throws RepositoryException {
ValueFactory vf = superuser.getValueFactory();
acl.addEntry(testPrincipal, testPrivileges, false, ImmutableMap.of(AccessControlConstants.REP_GLOB, vf.createValue("/*")), ImmutableMap.of(AccessControlConstants.REP_PREFIXES, new Value[] { vf.createValue("jcr"), vf.createValue("rep") }));
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
if (ace instanceof JackrabbitAccessControlEntry) {
JackrabbitAccessControlEntry jace = (JackrabbitAccessControlEntry) ace;
// EXERCISE retrieve the restriction names present on the ace and verify your expectations.
// EXERCISE retrieve the restriction values for each restriction and verify your expectations.
}
}
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.
the class L5_AccessControlListImplTest method testRemoveInvalidEntry.
public void testRemoveInvalidEntry() throws RepositoryException {
assertTrue(AccessControlUtils.addAccessControlEntry(superuser, testRoot, testPrincipal, testPrivileges, true));
// EXERCISE : walk through the removal and explain the expected behaviour.
try {
acl.removeAccessControlEntry(new JackrabbitAccessControlEntry() {
public boolean isAllow() {
return false;
}
public String[] getRestrictionNames() {
return new String[0];
}
public Value getRestriction(String restrictionName) {
return null;
}
public Value[] getRestrictions(String restrictionName) {
return null;
}
public Principal getPrincipal() {
return testPrincipal;
}
public Privilege[] getPrivileges() {
return testPrivileges;
}
});
fail("Passing an unknown ACE should fail");
} catch (AccessControlException e) {
// success
}
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.
the class AccessControlImporterTest method testImportACL.
/**
* Imports a resource-based ACL containing a single entry.
*
* @throws Exception
*/
public void testImportACL() throws Exception {
try {
Node target = testRootNode;
doImport(target.getPath(), XML_POLICY_TREE);
assertTrue(target.hasNode("test"));
String path = target.getNode("test").getPath();
AccessControlManager acMgr = superuser.getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(path);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof JackrabbitAccessControlList);
AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, entries.length);
AccessControlEntry entry = entries[0];
assertEquals(EveryonePrincipal.NAME, entry.getPrincipal().getName());
assertEquals(1, entry.getPrivileges().length);
assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
if (entry instanceof JackrabbitAccessControlEntry) {
assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
}
} finally {
superuser.refresh(false);
}
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.
the class AccessControlImporterTest method testImportACLRemoveACE.
public void testImportACLRemoveACE() throws Exception {
try {
Node target = createImportTarget();
doImport(target.getPath(), XML_POLICY_TREE_3);
doImport(target.getPath(), XML_POLICY_TREE_5);
String path = target.getPath();
AccessControlManager acMgr = superuser.getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(path);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof JackrabbitAccessControlList);
AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, entries.length);
AccessControlEntry entry = entries[0];
assertEquals(VALID_PRINCIPAL_NAME, entry.getPrincipal().getName());
assertEquals(1, entry.getPrivileges().length);
assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
if (entry instanceof JackrabbitAccessControlEntry) {
assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
}
} finally {
superuser.refresh(false);
}
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry in project jackrabbit-oak by apache.
the class AccessControlImporterTest method testImportACLOnly.
public void testImportACLOnly() throws Exception {
try {
Node target = createImportTarget();
doImport(target.getPath(), XML_POLICY_TREE_3);
String path = target.getPath();
AccessControlManager acMgr = superuser.getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(path);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof JackrabbitAccessControlList);
AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
assertEquals(2, entries.length);
AccessControlEntry entry = entries[0];
assertEquals(EveryonePrincipal.NAME, entry.getPrincipal().getName());
assertEquals(1, entry.getPrivileges().length);
assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
entry = entries[1];
assertEquals(VALID_PRINCIPAL_NAME, entry.getPrincipal().getName());
assertEquals(1, entry.getPrivileges().length);
assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);
if (entry instanceof JackrabbitAccessControlEntry) {
assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
}
} finally {
superuser.refresh(false);
}
}
Aggregations