Example 36 with Authorizable
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class QueryTest method xpathEscapeTest.
@SuppressWarnings("deprecation")
@Test
public void xpathEscapeTest() throws RepositoryException {
Session writer = createAdminSession();
Session reader = createAdminSession();
UserManager uMgr = ((JackrabbitSession) writer).getUserManager();
String uid = "testUser";
try {
User user = uMgr.createUser("testUser", "pw");
writer.getNode(user.getPath()).addNode(".tokens", "rep:Unstructured");
writer.save();
QueryManager qm = reader.getWorkspace().getQueryManager();
Query q = qm.createQuery("/jcr:root//*[_x002e_tokens/@jcr:primaryType]", Query.XPATH);
NodeIterator res = q.execute().getNodes();
assertEquals(1, res.getSize());
} finally {
Authorizable a = uMgr.getAuthorizable(uid);
if (a != null) {
a.remove();
writer.save();
}
if (reader != null) {
reader.logout();
}
if (writer != null) {
writer.logout();
}
}
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
User(org.apache.jackrabbit.api.security.user.User)
Query(javax.jcr.query.Query)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
QueryManager(javax.jcr.query.QueryManager)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Test(org.junit.Test)
AbstractRepositoryTest(org.apache.jackrabbit.oak.jcr.AbstractRepositoryTest)
Example 37 with Authorizable
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class UserImportWithActionsTest method testAccessControlActionExecutionForUser.
@Test
public void testAccessControlActionExecutionForUser() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.USER_PRIVILEGE_NAMES, new String[] { Privilege.JCR_ALL }));
setAuthorizableActions(a1);
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "</sv:node>";
doImport(USERPATH, xml);
Authorizable a = getUserManager().getAuthorizable("t");
assertNotNull(a);
assertFalse(a.isGroup());
AccessControlManager acMgr = getImportSession().getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("tPrincipal", aces[0].getPrincipal().getName());
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Test(org.junit.Test)
Example 38 with Authorizable
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class UserImportWithActionsTest method testAccessControlActionExecutionForGroup.
@Test
public void testAccessControlActionExecutionForGroup() throws Exception {
AccessControlAction a1 = new AccessControlAction();
a1.init(securityProvider, ConfigurationParameters.of(AccessControlAction.GROUP_PRIVILEGE_NAMES, new String[] { Privilege.JCR_READ }));
setAuthorizableActions(a1);
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property>" + "</sv:node>";
doImport(GROUPPATH, xml);
Authorizable a = getUserManager().getAuthorizable("g");
assertNotNull(a);
assertTrue(a.isGroup());
AccessControlManager acMgr = getImportSession().getAccessControlManager();
AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
assertNotNull(policies);
assertEquals(1, policies.length);
assertTrue(policies[0] instanceof AccessControlList);
AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
assertEquals(1, aces.length);
assertEquals("gPrincipal", aces[0].getPrincipal().getName());
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessControlAction(org.apache.jackrabbit.oak.spi.security.user.action.AccessControlAction)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
Test(org.junit.Test)
Example 39 with Authorizable
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class UserImportTest method testMultiValuedPassword.
/**
* @since OAK 1.0 : password property is not longer mandatory -> multivalued
* property will just be ignored (instead of throwing ConstraintViolationException
* upon save).
*/
@Test
public void testMultiValuedPassword() throws Exception {
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" + "</sv:node>";
/*
importing a user with a multi-valued rep:password property
- nonProtected node rep:User must be created.
- property rep:password must be created regularly without being protected
*/
Node target = getTargetNode();
doImport(getTargetPath(), xml);
assertTrue(target.isModified());
assertTrue(getImportSession().hasPendingChanges());
Authorizable newUser = getUserManager().getAuthorizable("t");
assertNotNull(newUser);
assertTrue(target.hasNode("t"));
assertTrue(target.hasProperty("t/rep:password"));
assertFalse(target.getProperty("t/rep:password").getDefinition().isProtected());
}
Also used :
Node(javax.jcr.Node)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
Test(org.junit.Test)
Example 40 with Authorizable
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class UserImportTest method testImportUserWithIdDifferentFromNodeName2.
/**
* Same as {@link #testImportUserWithIdDifferentFromNodeName} but with
* different order of properties.
*
* @since OAK 1.0 : Importing rep:authorizableId
*/
@Test
public void testImportUserWithIdDifferentFromNodeName2() throws Exception {
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t_diff\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" + " <sv:property sv:name=\"rep:authorizableId\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" + "</sv:node>";
doImport(getTargetPath(), xml);
Authorizable newUser = getUserManager().getAuthorizable("t");
Session s = getImportSession();
assertNotNull(newUser);
assertFalse(newUser.isGroup());
assertEquals("t", newUser.getID());
assertTrue(s.propertyExists(newUser.getPath() + "/rep:authorizableId"));
assertEquals("t", s.getProperty(newUser.getPath() + "/rep:authorizableId").getString());
s.save();
}
Also used :
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Test(org.junit.Test)
Aggregations
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)466
Test (org.junit.Test)254
User (org.apache.jackrabbit.api.security.user.User)104
Group (org.apache.jackrabbit.api.security.user.Group)101
UserManager (org.apache.jackrabbit.api.security.user.UserManager)93
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)64
Principal (java.security.Principal)58
Node (javax.jcr.Node)55
RepositoryException (javax.jcr.RepositoryException)55
Query (org.apache.jackrabbit.api.security.user.Query)50
Session (javax.jcr.Session)49
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)45
Value (javax.jcr.Value)29
NodeImpl (org.apache.jackrabbit.core.NodeImpl)29
AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)28
ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)24
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)24
SimpleCredentials (javax.jcr.SimpleCredentials)21
HashMap (java.util.HashMap)18
QueryBuilder (org.apache.jackrabbit.api.security.user.QueryBuilder)16
