Example 21 with PrincipalManager
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit by apache.
the class ACLProvider method init.
//----------------------------------------------< AccessControlProvider >---
/**
* @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#init(javax.jcr.Session, java.util.Map)
*/
@Override
public void init(Session systemSession, Map configuration) throws RepositoryException {
super.init(systemSession, configuration);
NodeImpl root = (NodeImpl) session.getRootNode();
if (root.hasNode(N_ACCESSCONTROL)) {
acRoot = root.getNode(N_ACCESSCONTROL);
if (!acRoot.isNodeType(NT_REP_ACCESS_CONTROL)) {
throw new RepositoryException("Error while initializing Access Control Provider: Found ac-root to be wrong node type " + acRoot.getPrimaryNodeType().getName());
}
} else {
acRoot = root.addNode(N_ACCESSCONTROL, NT_REP_ACCESS_CONTROL, null);
}
editor = new ACLEditor(session, session.getQPath(acRoot.getPath()));
entriesCache = new EntriesCache(session, editor, acRoot.getPath());
// TODO: replace by configurable default policy (see JCR-2331)
if (!configuration.containsKey(PARAM_OMIT_DEFAULT_PERMISSIONS)) {
try {
log.debug("Install initial permissions: ...");
ValueFactory vf = session.getValueFactory();
Map<String, Value> restrictions = new HashMap<String, Value>();
restrictions.put(session.getJCRName(ACLTemplate.P_NODE_PATH), vf.createValue(root.getPath(), PropertyType.PATH));
PrincipalManager pMgr = session.getPrincipalManager();
AccessControlManager acMgr = session.getAccessControlManager();
// initial default permissions for the administrators group
String pName = SecurityConstants.ADMINISTRATORS_NAME;
if (pMgr.hasPrincipal(pName)) {
Principal administrators = pMgr.getPrincipal(pName);
installDefaultPermissions(administrators, new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_ALL) }, restrictions, editor);
} else {
log.info("Administrators principal group is missing -> Not adding default permissions.");
}
// initialize default permissions for the everyone group
installDefaultPermissions(pMgr.getEveryone(), new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ) }, restrictions, editor);
session.save();
} catch (RepositoryException e) {
log.error("Failed to set-up minimal access control for root node of workspace " + session.getWorkspace().getName());
session.getRootNode().refresh(false);
}
}
}
Also used :
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
AccessControlManager(javax.jcr.security.AccessControlManager)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
HashMap(java.util.HashMap)
Value(javax.jcr.Value)
RepositoryException(javax.jcr.RepositoryException)
ValueFactory(javax.jcr.ValueFactory)
Principal(java.security.Principal)
Example 22 with PrincipalManager
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class ExternalLoginModuleDynamicMembershipTest method testLoginPopulatesPrincipals.
@Test
public void testLoginPopulatesPrincipals() throws Exception {
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
Set<String> expectedExternal = new HashSet<String>();
calcExpectedPrincipalNames(idp.getUser(USER_ID), syncConfig.user().getMembershipNestingDepth(), expectedExternal);
Set<Principal> principals = new HashSet<Principal>(cs.getAuthInfo().getPrincipals());
root.refresh();
PrincipalManager principalManager = getPrincipalManager(root);
for (String pName : expectedExternal) {
Principal p = principalManager.getPrincipal(pName);
assertNotNull(p);
assertTrue(principals.remove(p));
}
UserManager uMgr = getUserManager(root);
User u = uMgr.getAuthorizable(USER_ID, User.class);
assertTrue(principals.remove(u.getPrincipal()));
Iterator<Group> it = u.memberOf();
assertFalse(it.hasNext());
assertTrue(principals.remove(EveryonePrincipal.getInstance()));
assertTrue(principals.isEmpty());
} finally {
if (cs != null) {
cs.close();
}
options.clear();
}
}
Also used :
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
SimpleCredentials(javax.jcr.SimpleCredentials)
Group(org.apache.jackrabbit.api.security.user.Group)
User(org.apache.jackrabbit.api.security.user.User)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)
Principal(java.security.Principal)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 23 with PrincipalManager
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class GetGroupPrincipalsTest method runTest.
@Override
public void runTest() throws Exception {
PrincipalManager principalManager = ((JackrabbitSession) session).getPrincipalManager();
for (int i = 0; i < 1000; i++) {
Principal p = principalManager.getPrincipal(principalName);
PrincipalIterator principals = principalManager.getGroupMembership(p);
// while (principals.hasNext()) {
// Principal groupPrincipal = principals.nextPrincipal();
// }
}
}
Also used :
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
PrincipalIterator(org.apache.jackrabbit.api.security.principal.PrincipalIterator)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Principal(java.security.Principal)
Example 24 with PrincipalManager
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class PrincipalConfigurationImplTest method testGetPrincipalManager3.
@Test
public void testGetPrincipalManager3() {
PrincipalManager pm = pc2.getPrincipalManager(root, NamePathMapper.DEFAULT);
assertNotNull(pm);
assertTrue(pm instanceof PrincipalManagerImpl);
}
Also used :
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
PrincipalManagerImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalManagerImpl)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 25 with PrincipalManager
use of org.apache.jackrabbit.api.security.principal.PrincipalManager in project jackrabbit-oak by apache.
the class PrincipalConfigurationImplTest method testGetPrincipalManager2.
@Test
public void testGetPrincipalManager2() {
pc1.setSecurityProvider(getSecurityProvider());
PrincipalManager pm = pc1.getPrincipalManager(root, NamePathMapper.DEFAULT);
assertNotNull(pm);
assertTrue(pm instanceof PrincipalManagerImpl);
}
Also used :
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
PrincipalManagerImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalManagerImpl)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Aggregations
PrincipalManager (org.apache.jackrabbit.api.security.principal.PrincipalManager)27
Principal (java.security.Principal)16
Test (org.junit.Test)11
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)9
PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)9
HashSet (java.util.HashSet)6
RepositoryException (javax.jcr.RepositoryException)6
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)6
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)4
Session (javax.jcr.Session)3
AccessControlPolicy (javax.jcr.security.AccessControlPolicy)3
JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)3
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)3
Group (org.apache.jackrabbit.api.security.user.Group)3
NodeImpl (org.apache.jackrabbit.core.NodeImpl)3
PrincipalImpl (org.apache.jackrabbit.core.security.principal.PrincipalImpl)3
AbstractCompositeConfigurationTest (org.apache.jackrabbit.oak.spi.security.AbstractCompositeConfigurationTest)3
EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)3
Group (java.security.acl.Group)2
ArrayList (java.util.ArrayList)2
