Search in sources :

Example 11 with PrincipalIterator

use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit by apache.

the class JackrabbitAccessControlListTest method getValidPrincipal.

private Principal getValidPrincipal() throws NotExecutableException, RepositoryException {
    if (!(superuser instanceof JackrabbitSession)) {
        throw new NotExecutableException();
    }
    PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
    PrincipalIterator it = pMgr.getPrincipals(PrincipalManager.SEARCH_TYPE_NOT_GROUP);
    if (it.hasNext()) {
        return it.nextPrincipal();
    } else {
        throw new NotExecutableException();
    }
}
Also used : PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) PrincipalIterator(org.apache.jackrabbit.api.security.principal.PrincipalIterator) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 12 with PrincipalIterator

use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit-oak by apache.

the class UserImportTest method testExistingPrincipal.

@Test
public void testExistingPrincipal() throws Exception {
    Principal existing = null;
    PrincipalIterator principalIterator = ((JackrabbitSession) getImportSession()).getPrincipalManager().getPrincipals(PrincipalManager.SEARCH_TYPE_ALL);
    while (principalIterator.hasNext()) {
        Principal p = principalIterator.nextPrincipal();
        if (getUserManager().getAuthorizable(p) != null) {
            existing = p;
            break;
        }
    }
    if (existing == null) {
        throw new NotExecutableException();
    }
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>" + existing.getName() + "</sv:value></sv:property>" + "</sv:node>";
    try {
        doImport(getTargetPath(), xml);
        getImportSession().save();
        fail("Import must detect conflicting principals.");
    } catch (RepositoryException e) {
    // success
    }
}
Also used : NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) PrincipalIterator(org.apache.jackrabbit.api.security.principal.PrincipalIterator) RepositoryException(javax.jcr.RepositoryException) Principal(java.security.Principal) Test(org.junit.Test)

Example 13 with PrincipalIterator

use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit-oak by apache.

the class UserImportIgnoreTest method testImportInvalidImpersonationIgnore.

@Test
public void testImportInvalidImpersonationIgnore() throws Exception {
    List<String> invalid = new ArrayList<String>();
    // an non-existing princ-name
    invalid.add("anybody");
    // a group
    invalid.add("administrators");
    // principal of the user itself.
    invalid.add("t");
    for (String principalName : invalid) {
        String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property><sv:property sv:name=\"rep:impersonators\" sv:type=\"String\"><sv:value>" + principalName + "</sv:value></sv:property>" + "</sv:node>";
        Subject subj = new Subject();
        subj.getPrincipals().add(new PrincipalImpl(principalName));
        try {
            doImport(getTargetPath(), xml);
            // no exception during import: no impersonation must be granted
            // for the invalid principal name
            Authorizable a = getUserManager().getAuthorizable("t");
            if (!a.isGroup()) {
                Impersonation imp = ((User) a).getImpersonation();
                Subject s = new Subject();
                s.getPrincipals().add(new PrincipalImpl(principalName));
                assertFalse(imp.allows(s));
                for (PrincipalIterator it = imp.getImpersonators(); it.hasNext(); ) {
                    assertFalse(principalName.equals(it.nextPrincipal().getName()));
                }
            } else {
                fail("Importing 't' didn't create a User.");
            }
        } finally {
            getImportSession().refresh(false);
        }
    }
}
Also used : Impersonation(org.apache.jackrabbit.api.security.user.Impersonation) User(org.apache.jackrabbit.api.security.user.User) ArrayList(java.util.ArrayList) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) PrincipalIterator(org.apache.jackrabbit.api.security.principal.PrincipalIterator) Subject(javax.security.auth.Subject) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 14 with PrincipalIterator

use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit-oak by apache.

the class ImpersonationImplTest method testGetImpersonators.

@Test
public void testGetImpersonators() throws Exception {
    PrincipalIterator it = impersonation.getImpersonators();
    assertTrue(it.hasNext());
    assertTrue(Iterators.contains(it, impersonator.getPrincipal()));
}
Also used : PrincipalIterator(org.apache.jackrabbit.api.security.principal.PrincipalIterator) Test(org.junit.Test)

Example 15 with PrincipalIterator

use of org.apache.jackrabbit.api.security.principal.PrincipalIterator in project jackrabbit-oak by apache.

the class PrincipalManagerImplTest method testGetPrincipalsGroup.

@Test
public void testGetPrincipalsGroup() {
    Iterator<? extends Principal> expected = provider.findPrincipals(PrincipalManager.SEARCH_TYPE_GROUP);
    PrincipalIterator it = principalMgr.getPrincipals(PrincipalManager.SEARCH_TYPE_GROUP);
    assertIterator(expected, it);
}
Also used : PrincipalIterator(org.apache.jackrabbit.api.security.principal.PrincipalIterator) Test(org.junit.Test)

Aggregations

PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)61 Principal (java.security.Principal)40 Test (org.junit.Test)35 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)15 AbstractJCRTest (org.apache.jackrabbit.test.AbstractJCRTest)11 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)9 PrincipalManager (org.apache.jackrabbit.api.security.principal.PrincipalManager)9 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)9 ArrayList (java.util.ArrayList)8 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)7 Group (java.security.acl.Group)5 RepositoryException (javax.jcr.RepositoryException)4 Group (org.apache.jackrabbit.api.security.user.Group)4 TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)4 EveryonePrincipal (org.apache.jackrabbit.core.security.principal.EveryonePrincipal)4 HashSet (java.util.HashSet)3 Impersonation (org.apache.jackrabbit.api.security.user.Impersonation)3 User (org.apache.jackrabbit.api.security.user.User)3 Session (javax.jcr.Session)2 Subject (javax.security.auth.Subject)2