
Example 21 with PrivilegeManager

use of org.apache.jackrabbit.api.security.authorization.PrivilegeManager in project jackrabbit-oak by apache.

the class PrivilegeUpgradeTest method verifyPrivileges.

/**
 * Checks that every expected privilege is reported by the {@link PrivilegeManager}
 * of an admin session, and that each expected aggregate resolves to exactly the
 * expected set of member privilege names.
 *
 * <p>NOTE(review): the check is one-directional. A registered privilege that is not
 * listed in the expectations below is never flagged (an unknown aggregate is skipped,
 * an unknown non-aggregate is a no-op removal), so this test would not detect an
 * unexpected extra privilege appearing in the repository.
 *
 * @throws RepositoryException if the session or the privilege manager cannot be accessed
 */
@Test
public void verifyPrivileges() throws RepositoryException {
    // Names expected to be registered as non-aggregate privileges; entries are
    // crossed off as they are seen.
    Set<String> pendingSimple = newHashSet(
            REP_READ_NODES, REP_READ_PROPERTIES,
            REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES,
            JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE,
            JCR_READ_ACCESS_CONTROL, JCR_MODIFY_ACCESS_CONTROL,
            JCR_NODE_TYPE_MANAGEMENT, JCR_VERSION_MANAGEMENT, JCR_LOCK_MANAGEMENT,
            JCR_LIFECYCLE_MANAGEMENT, JCR_RETENTION_MANAGEMENT, JCR_WORKSPACE_MANAGEMENT,
            JCR_NODE_TYPE_DEFINITION_MANAGEMENT, JCR_NAMESPACE_MANAGEMENT,
            REP_PRIVILEGE_MANAGEMENT, REP_USER_MANAGEMENT, REP_INDEX_DEFINITION_MANAGEMENT,
            "test:privilege", "test:privilege2");

    // Aggregate name -> expected member names as compared against
    // getAggregatePrivileges(); entries are crossed off as they are seen.
    Map<String, Set<String>> pendingAggregates = Maps.newHashMap();
    pendingAggregates.put(JCR_READ, ImmutableSet.of(
            REP_READ_NODES, REP_READ_PROPERTIES));
    pendingAggregates.put(JCR_MODIFY_PROPERTIES, ImmutableSet.of(
            REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES));
    pendingAggregates.put(JCR_WRITE, ImmutableSet.of(
            JCR_MODIFY_PROPERTIES,
            REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES,
            JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE));
    pendingAggregates.put(REP_WRITE, ImmutableSet.of(
            JCR_WRITE, JCR_MODIFY_PROPERTIES,
            REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES,
            JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE,
            JCR_NODE_TYPE_MANAGEMENT));
    pendingAggregates.put(JCR_ALL, ImmutableSet.of(
            REP_READ_NODES, REP_READ_PROPERTIES,
            REP_ADD_PROPERTIES, REP_ALTER_PROPERTIES, REP_REMOVE_PROPERTIES,
            JCR_ADD_CHILD_NODES, JCR_REMOVE_CHILD_NODES, JCR_REMOVE_NODE,
            JCR_READ_ACCESS_CONTROL, JCR_MODIFY_ACCESS_CONTROL,
            JCR_NODE_TYPE_MANAGEMENT, JCR_VERSION_MANAGEMENT, JCR_LOCK_MANAGEMENT,
            JCR_LIFECYCLE_MANAGEMENT, JCR_RETENTION_MANAGEMENT, JCR_WORKSPACE_MANAGEMENT,
            JCR_NODE_TYPE_DEFINITION_MANAGEMENT, JCR_NAMESPACE_MANAGEMENT,
            REP_PRIVILEGE_MANAGEMENT, REP_USER_MANAGEMENT, REP_INDEX_DEFINITION_MANAGEMENT,
            JCR_READ, JCR_MODIFY_PROPERTIES, JCR_WRITE, REP_WRITE,
            "test:privilege", "test:privilege2", "test:aggregate", "test:aggregate2"));
    pendingAggregates.put("test:aggregate", ImmutableSet.of(
            JCR_READ, REP_READ_NODES, REP_READ_PROPERTIES, "test:privilege"));
    pendingAggregates.put("test:aggregate2", ImmutableSet.of(
            JCR_READ, REP_READ_NODES, REP_READ_PROPERTIES,
            "test:privilege", "test:privilege2", "test:aggregate"));

    JackrabbitSession adminSession = createAdminSession();
    try {
        JackrabbitWorkspace jrWorkspace = (JackrabbitWorkspace) adminSession.getWorkspace();
        PrivilegeManager privilegeManager = jrWorkspace.getPrivilegeManager();

        for (Privilege registered : privilegeManager.getRegisteredPrivileges()) {
            if (!registered.isAggregate()) {
                pendingSimple.remove(registered.getName());
                continue;
            }

            String aggregateName = registered.getName();
            Set<String> expected = pendingAggregates.remove(aggregateName);
            if (expected == null) {
                // Aggregate without an expectation: skipped, not treated as a failure.
                continue;
            }

            String[] actual = getNames(registered.getAggregatePrivileges());
            String mismatch = "Miss match in aggregate privilege " + aggregateName
                    + " expected " + expected
                    + " actual " + Arrays.toString(actual);
            // Compared as sets, so the order of the reported members is irrelevant.
            assertTrue(mismatch, newHashSet(expected).equals(newHashSet(actual)));
        }

        // Whatever is left was never reported with the expected kind. A privilege
        // registered with the other kind (aggregate vs. non-aggregate) also ends up
        // here and is reported as "Missing".
        assertTrue("Missing non aggregate privileges: " + pendingSimple, pendingSimple.isEmpty());
        assertTrue("Missing aggregate privileges: " + pendingAggregates.keySet(), pendingAggregates.isEmpty());
    } finally {
        // Always release the admin session, including when an assertion fails.
        adminSession.logout();
    }
}
Also used : Sets.newHashSet(com.google.common.collect.Sets.newHashSet) ImmutableSet(com.google.common.collect.ImmutableSet) Set(java.util.Set) PrivilegeManager(org.apache.jackrabbit.api.security.authorization.PrivilegeManager) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Privilege(javax.jcr.security.Privilege) Test(org.junit.Test)

Example 22 with PrivilegeManager

use of org.apache.jackrabbit.api.security.authorization.PrivilegeManager in project jackrabbit-oak by apache.

the class PrivilegeUpgradeTest method createSourceContent.

/**
 * Registers the {@code test} namespace and four custom privileges through the
 * workspace's {@link PrivilegeManager}: two plain privileges and two aggregates.
 * {@code test:privilege2} and {@code test:aggregate2} are registered as abstract.
 *
 * <p>These are the {@code test:*} names that {@code verifyPrivileges} expects to
 * find, with the aggregates' members fully resolved (for example
 * {@code test:aggregate} is expected to also report the members of
 * {@code jcr:read}).
 *
 * @param session session whose workspace receives the namespace and privilege
 *                registrations; its workspace is cast to {@link JackrabbitWorkspace}
 * @throws Exception if the namespace or any privilege cannot be registered
 */
@Override
protected void createSourceContent(Session session) throws Exception {
    JackrabbitWorkspace jrWorkspace = (JackrabbitWorkspace) session.getWorkspace();

    // Registered first; presumably the "test:" privilege names below rely on
    // this prefix being known.
    jrWorkspace.getNamespaceRegistry().registerNamespace("test", "http://www.example.org/");

    String[] aggregateMembers = { "jcr:read", "test:privilege" };
    String[] aggregate2Members = { "test:aggregate", "test:privilege2" };

    PrivilegeManager pm = jrWorkspace.getPrivilegeManager();
    // Arguments: privilege name, isAbstract flag, declared aggregate names
    // (null for a non-aggregate privilege).
    pm.registerPrivilege("test:privilege", false, null);
    pm.registerPrivilege("test:aggregate", false, aggregateMembers);
    pm.registerPrivilege("test:privilege2", true, null);
    pm.registerPrivilege("test:aggregate2", true, aggregate2Members);
}
Also used : NamespaceRegistry(javax.jcr.NamespaceRegistry) PrivilegeManager(org.apache.jackrabbit.api.security.authorization.PrivilegeManager) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace)
