use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.
the class UserAccessControlProviderTest method testNoNodeForPrincipal.
/**
* @see <a href="https://issues.apache.org/jira/browse/JCR-2630">JCR-2630</a>
*/
public void testNoNodeForPrincipal() throws RepositoryException {
final Principal testPrincipal = getTestPrincipal();
String path = "/home/users/t/" + testPrincipal.getName();
while (s.nodeExists(path)) {
path += "_";
}
final String principalPath = path;
List<Set<Principal>> principalSets = new ArrayList<Set<Principal>>();
principalSets.add(Collections.<Principal>singleton(testPrincipal));
principalSets.add(Collections.<Principal>singleton(new ItemBasedPrincipal() {
public String getPath() {
return principalPath;
}
public String getName() {
return testPrincipal.getName();
}
}));
Path rootPath = ((SessionImpl) s).getQPath("/");
for (Set<Principal> principals : principalSets) {
CompiledPermissions cp = provider.compilePermissions(principals);
assertFalse(cp.canReadAll());
assertFalse(cp.grants(rootPath, Permission.READ));
assertTrue(cp.getPrivilegeSet(rootPath).isEmpty());
assertSame(CompiledPermissions.NO_PERMISSION, cp);
}
}
use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.
the class UserAccessControlProvider method init.
//----------------------------------------------< AccessControlProvider >---
/**
* @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#init(Session, Map)
*/
@Override
public void init(Session systemSession, Map configuration) throws RepositoryException {
super.init(systemSession, configuration);
if (systemSession instanceof SessionImpl) {
SessionImpl sImpl = (SessionImpl) systemSession;
String userAdminName = (configuration.containsKey(USER_ADMIN_GROUP_NAME)) ? configuration.get(USER_ADMIN_GROUP_NAME).toString() : USER_ADMIN_GROUP_NAME;
String groupAdminName = (configuration.containsKey(GROUP_ADMIN_GROUP_NAME)) ? configuration.get(GROUP_ADMIN_GROUP_NAME).toString() : GROUP_ADMIN_GROUP_NAME;
// make sure the groups exist (and possibly create them).
UserManager uMgr = sImpl.getUserManager();
userAdminGroup = initGroup(uMgr, userAdminName);
if (userAdminGroup != null && userAdminGroup instanceof ItemBasedPrincipal) {
userAdminGroupPath = ((ItemBasedPrincipal) userAdminGroup).getPath();
}
groupAdminGroup = initGroup(uMgr, groupAdminName);
if (groupAdminGroup != null && groupAdminGroup instanceof ItemBasedPrincipal) {
groupAdminGroupPath = ((ItemBasedPrincipal) groupAdminGroup).getPath();
}
Principal administrators = initGroup(uMgr, SecurityConstants.ADMINISTRATORS_NAME);
if (administrators != null && administrators instanceof ItemBasedPrincipal) {
administratorsGroupPath = ((ItemBasedPrincipal) administrators).getPath();
}
usersPath = (uMgr instanceof UserManagerImpl) ? ((UserManagerImpl) uMgr).getUsersPath() : UserConstants.USERS_PATH;
groupsPath = (uMgr instanceof UserManagerImpl) ? ((UserManagerImpl) uMgr).getGroupsPath() : UserConstants.GROUPS_PATH;
membersInProperty = !(uMgr instanceof UserManagerImpl) || !((UserManagerImpl) uMgr).hasMemberSplitSize();
if (configuration.containsKey(PARAM_ANONYMOUS_ID)) {
anonymousId = (String) configuration.get(PARAM_ANONYMOUS_ID);
} else {
anonymousId = SecurityConstants.ANONYMOUS_ID;
}
if (configuration.containsKey(PARAM_ANONYMOUS_ACCESS)) {
anonymousAccess = Boolean.parseBoolean((String) configuration.get(PARAM_ANONYMOUS_ACCESS));
} else {
anonymousAccess = true;
}
} else {
throw new RepositoryException("SessionImpl (system session) expected.");
}
}
use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.
the class WriteTest method testEditor2.
public void testEditor2() throws NotExecutableException, RepositoryException {
UserManager uMgr = getUserManager(superuser);
User u = null;
User u2 = null;
try {
u = uMgr.createUser("t", "t");
u2 = uMgr.createUser("tt", "tt", new TestPrincipal("tt"), "t/tt");
if (!uMgr.isAutoSave()) {
superuser.save();
}
Principal p = u.getPrincipal();
Principal p2 = u2.getPrincipal();
if (p instanceof ItemBasedPrincipal && p2 instanceof ItemBasedPrincipal && Text.isDescendant(((ItemBasedPrincipal) p).getPath(), ((ItemBasedPrincipal) p2).getPath())) {
JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);
JackrabbitAccessControlPolicy[] acls = acMgr.getApplicablePolicies(p2);
acMgr.setPolicy(acls[0].getPath(), acls[0]);
acls = acMgr.getApplicablePolicies(p);
String path = acls[0].getPath();
Node n = superuser.getNode(path);
assertEquals("rep:PrincipalAccessControl", n.getPrimaryNodeType().getName());
} else {
throw new NotExecutableException();
}
} finally {
superuser.refresh(false);
if (u2 != null)
u2.remove();
if (u != null)
u.remove();
if (!uMgr.isAutoSave()) {
superuser.save();
}
}
}
use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit-oak by apache.
the class CugExcludeDefaultTest method testPrincipals.
@Test
public void testPrincipals() {
Set<Principal> principals = new HashSet<Principal>();
principals.add(new PrincipalImpl("test"));
principals.add(new ItemBasedPrincipal() {
@Override
public String getPath() {
return "/path";
}
@Override
public String getName() {
return "test";
}
});
assertFalse(exclude.isExcluded(principals));
for (Principal p : principals) {
assertFalse(exclude.isExcluded(ImmutableSet.of(p)));
}
}
use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit-oak by apache.
the class AccessControlManagerImpl method getPolicies.
@Nonnull
@Override
public JackrabbitAccessControlPolicy[] getPolicies(@Nonnull Principal principal) throws RepositoryException {
Util.checkValidPrincipal(principal, principalManager);
String oakPath = (principal instanceof ItemBasedPrincipal) ? ((ItemBasedPrincipal) principal).getPath() : null;
JackrabbitAccessControlPolicy policy = createPrincipalACL(oakPath, principal);
if (policy != null) {
return new JackrabbitAccessControlPolicy[] { policy };
} else {
return new JackrabbitAccessControlPolicy[0];
}
}
Aggregations