use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit by apache.
the class ACLTemplateTest method testMultiplePrincipals.
public void testMultiplePrincipals() throws RepositoryException, NotExecutableException {
PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
Principal everyone = pMgr.getEveryone();
Principal grPrincipal = null;
PrincipalIterator it = pMgr.findPrincipals("", PrincipalManager.SEARCH_TYPE_GROUP);
while (it.hasNext()) {
Group gr = (Group) it.nextPrincipal();
if (!everyone.equals(gr)) {
grPrincipal = gr;
}
}
if (grPrincipal == null || grPrincipal.equals(everyone)) {
throw new NotExecutableException();
}
Privilege[] privs = privilegesFromName(Privilege.JCR_READ);
JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
pt.addAccessControlEntry(testPrincipal, privs);
assertFalse(pt.addAccessControlEntry(testPrincipal, privs));
// add same privileges for another principal -> must modify as well.
assertTrue(pt.addAccessControlEntry(everyone, privs));
// .. 2 entries must be present.
assertTrue(pt.getAccessControlEntries().length == 2);
}
use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit by apache.
the class UserImporterTest method testImportInvalidImpersonationIgnore.
public void testImportInvalidImpersonationIgnore() throws IOException, RepositoryException, SAXException, NotExecutableException {
List<String> invalid = new ArrayList<String>();
// an non-existing princ-name
invalid.add("anybody");
// a group
invalid.add("administrators");
// principal of the user itself.
invalid.add("t");
for (String principalName : invalid) {
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property><sv:property sv:name=\"rep:impersonators\" sv:type=\"String\"><sv:value>" + principalName + "</sv:value></sv:property>" + "</sv:node>";
Subject subj = new Subject();
subj.getPrincipals().add(new PrincipalImpl(principalName));
NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
try {
doImport(target, xml, UserImporter.ImportBehavior.IGNORE);
// no exception during import: no impersonation must be granted
// for the invalid principal name
Authorizable a = umgr.getAuthorizable("t");
if (!a.isGroup()) {
Impersonation imp = ((User) a).getImpersonation();
Subject s = new Subject();
s.getPrincipals().add(new PrincipalImpl(principalName));
assertFalse(imp.allows(s));
for (PrincipalIterator it = imp.getImpersonators(); it.hasNext(); ) {
assertFalse(principalName.equals(it.nextPrincipal().getName()));
}
} else {
fail("Importing 't' didn't create a User.");
}
} finally {
sImpl.refresh(false);
}
}
}
use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit by apache.
the class PrincipalManagerImpl method getGroupMembership.
/**
* {@inheritDoc}
*/
public PrincipalIterator getGroupMembership(Principal principal) {
checkIsValid();
List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length + 1);
for (PrincipalProvider pp : providers) {
PrincipalIterator groups = pp.getGroupMembership(principal);
if (groups.hasNext()) {
entries.add(new CheckedIteratorEntry(groups, pp));
}
}
// additional entry for the 'everyone' group
if (!(principal instanceof EveryonePrincipal)) {
Iterator<Principal> it = Collections.singletonList(getEveryone()).iterator();
entries.add(new CheckedIteratorEntry(it, null));
}
return new CheckedPrincipalIterator(entries);
}
use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit by apache.
the class PrincipalManagerImpl method findPrincipals.
/**
* {@inheritDoc}
*/
public PrincipalIterator findPrincipals(String simpleFilter) {
checkIsValid();
List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length);
for (PrincipalProvider pp : providers) {
PrincipalIterator it = pp.findPrincipals(simpleFilter);
if (it.hasNext()) {
entries.add(new CheckedIteratorEntry(it, pp));
}
}
return new CheckedPrincipalIterator(entries);
}
use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit by apache.
the class PrincipalManagerImpl method getPrincipals.
/**
* {@inheritDoc}
* @param searchType
*/
public PrincipalIterator getPrincipals(int searchType) {
checkIsValid();
List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length);
for (PrincipalProvider pp : providers) {
PrincipalIterator it = pp.getPrincipals(searchType);
if (it.hasNext()) {
entries.add(new CheckedIteratorEntry(it, pp));
}
}
return new CheckedPrincipalIterator(entries);
}
Aggregations