use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit by apache.
the class ACLProvider method init.
//----------------------------------------------< AccessControlProvider >---
/**
* @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#init(javax.jcr.Session, java.util.Map)
*/
@Override
public void init(Session systemSession, Map configuration) throws RepositoryException {
super.init(systemSession, configuration);
NodeImpl root = (NodeImpl) session.getRootNode();
if (root.hasNode(N_ACCESSCONTROL)) {
acRoot = root.getNode(N_ACCESSCONTROL);
if (!acRoot.isNodeType(NT_REP_ACCESS_CONTROL)) {
throw new RepositoryException("Error while initializing Access Control Provider: Found ac-root to be wrong node type " + acRoot.getPrimaryNodeType().getName());
}
} else {
acRoot = root.addNode(N_ACCESSCONTROL, NT_REP_ACCESS_CONTROL, null);
}
editor = new ACLEditor(session, session.getQPath(acRoot.getPath()));
entriesCache = new EntriesCache(session, editor, acRoot.getPath());
// TODO: replace by configurable default policy (see JCR-2331)
if (!configuration.containsKey(PARAM_OMIT_DEFAULT_PERMISSIONS)) {
try {
log.debug("Install initial permissions: ...");
ValueFactory vf = session.getValueFactory();
Map<String, Value> restrictions = new HashMap<String, Value>();
restrictions.put(session.getJCRName(ACLTemplate.P_NODE_PATH), vf.createValue(root.getPath(), PropertyType.PATH));
PrincipalManager pMgr = session.getPrincipalManager();
AccessControlManager acMgr = session.getAccessControlManager();
// initial default permissions for the administrators group
String pName = SecurityConstants.ADMINISTRATORS_NAME;
if (pMgr.hasPrincipal(pName)) {
Principal administrators = pMgr.getPrincipal(pName);
installDefaultPermissions(administrators, new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_ALL) }, restrictions, editor);
} else {
log.info("Administrators principal group is missing -> Not adding default permissions.");
}
// initialize default permissions for the everyone group
installDefaultPermissions(pMgr.getEveryone(), new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ) }, restrictions, editor);
session.save();
} catch (RepositoryException e) {
log.error("Failed to set-up minimal access control for root node of workspace " + session.getWorkspace().getName());
session.getRootNode().refresh(false);
}
}
}
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class ExternalLoginModuleDynamicMembershipTest method testLoginPopulatesPrincipals.
@Test
public void testLoginPopulatesPrincipals() throws Exception {
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
Set<String> expectedExternal = new HashSet<String>();
calcExpectedPrincipalNames(idp.getUser(USER_ID), syncConfig.user().getMembershipNestingDepth(), expectedExternal);
Set<Principal> principals = new HashSet<Principal>(cs.getAuthInfo().getPrincipals());
root.refresh();
PrincipalManager principalManager = getPrincipalManager(root);
for (String pName : expectedExternal) {
Principal p = principalManager.getPrincipal(pName);
assertNotNull(p);
assertTrue(principals.remove(p));
}
UserManager uMgr = getUserManager(root);
User u = uMgr.getAuthorizable(USER_ID, User.class);
assertTrue(principals.remove(u.getPrincipal()));
Iterator<Group> it = u.memberOf();
assertFalse(it.hasNext());
assertTrue(principals.remove(EveryonePrincipal.getInstance()));
assertTrue(principals.isEmpty());
} finally {
if (cs != null) {
cs.close();
}
options.clear();
}
}
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class GetGroupPrincipalsTest method runTest.
@Override
public void runTest() throws Exception {
PrincipalManager principalManager = ((JackrabbitSession) session).getPrincipalManager();
for (int i = 0; i < 1000; i++) {
Principal p = principalManager.getPrincipal(principalName);
PrincipalIterator principals = principalManager.getGroupMembership(p);
// while (principals.hasNext()) {
// Principal groupPrincipal = principals.nextPrincipal();
// }
}
}
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class PrincipalConfigurationImplTest method testGetPrincipalManager3.
@Test
public void testGetPrincipalManager3() {
PrincipalManager pm = pc2.getPrincipalManager(root, NamePathMapper.DEFAULT);
assertNotNull(pm);
assertTrue(pm instanceof PrincipalManagerImpl);
}
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class PrincipalConfigurationImplTest method testGetPrincipalManager2.
@Test
public void testGetPrincipalManager2() {
pc1.setSecurityProvider(getSecurityProvider());
PrincipalManager pm = pc1.getPrincipalManager(root, NamePathMapper.DEFAULT);
assertNotNull(pm);
assertTrue(pm instanceof PrincipalManagerImpl);
}
Aggregations