use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class TreePermissionImplTest method testCanReadProperties2.
@Test
public void testCanReadProperties2() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acMgr.setPolicy("/test", acl);
root.commit();
Tree policyTree = root.getTree("/test/rep:policy");
NodeUtil ace = new NodeUtil(policyTree).addChild("ace2", NT_REP_DENY_ACE);
ace.setNames(REP_PRIVILEGES, PrivilegeConstants.REP_READ_PROPERTIES);
ace.setString(REP_PRINCIPAL_NAME, getTestUser().getPrincipal().getName());
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class TreePermissionImplTest method testCanReadProperties.
@Test
public void testCanReadProperties() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.REP_READ_PROPERTIES), false);
acMgr.setPolicy("/test", acl);
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class PermissionStoreTest method before.
@Override
public void before() throws Exception {
super.before();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_ALL), true);
}
acMgr.setPolicy("/", acl);
root.commit();
testSession = createTestSession();
testRoot = testSession.getLatestRoot();
acConfig = getSecurityProvider().getConfiguration(AuthorizationConfiguration.class);
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class RepoPolicyTreePermissionTest method after.
@Override
public void after() throws Exception {
try {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, null);
if (acl != null) {
acMgr.removePolicy(null, acl);
root.commit();
}
accessSession.close();
noAccessSession.close();
} finally {
super.after();
}
}
use of org.apache.jackrabbit.api.security.JackrabbitAccessControlList in project jackrabbit-oak by apache.
the class VersionStorageTest method after.
@Override
public void after() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
if (testPrincipal.equals(ace.getPrincipal())) {
acl.removeAccessControlEntry(ace);
}
}
acMgr.setPolicy("/", acl);
root.commit();
}
Aggregations