use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class PermissionHookTest method before.
@Override
@Before
public void before() throws Exception {
super.before();
testPrincipal = getTestUser().getPrincipal();
NodeUtil rootNode = new NodeUtil(root.getTree("/"), namePathMapper);
NodeUtil testNode = rootNode.addChild("testPath", JcrConstants.NT_UNSTRUCTURED);
testNode.addChild("childNode", JcrConstants.NT_UNSTRUCTURED);
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
acl.addAccessControlEntry(testPrincipal, privilegesFromNames(JCR_ADD_CHILD_NODES));
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(JCR_READ));
acMgr.setPolicy(testPath, acl);
root.commit();
bitsProvider = new PrivilegeBitsProvider(root);
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class TreePermissionImplTest method testCanReadProperties2.
@Test
public void testCanReadProperties2() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acMgr.setPolicy("/test", acl);
root.commit();
Tree policyTree = root.getTree("/test/rep:policy");
NodeUtil ace = new NodeUtil(policyTree).addChild("ace2", NT_REP_DENY_ACE);
ace.setNames(REP_PRIVILEGES, PrivilegeConstants.REP_READ_PROPERTIES);
ace.setString(REP_PRINCIPAL_NAME, getTestUser().getPrincipal().getName());
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class TreePermissionImplTest method testCanReadProperties.
@Test
public void testCanReadProperties() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.REP_READ_PROPERTIES), false);
acMgr.setPolicy("/test", acl);
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class PermissionStoreTest method before.
@Override
public void before() throws Exception {
super.before();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_ALL), true);
}
acMgr.setPolicy("/", acl);
root.commit();
testSession = createTestSession();
testRoot = testSession.getLatestRoot();
acConfig = getSecurityProvider().getConfiguration(AuthorizationConfiguration.class);
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class RepoPolicyTreePermissionTest method after.
@Override
public void after() throws Exception {
try {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, null);
if (acl != null) {
acMgr.removePolicy(null, acl);
root.commit();
}
accessSession.close();
noAccessSession.close();
} finally {
super.after();
}
}
Aggregations