
Example 6 with AuthorizableExistsException

use of org.apache.jackrabbit.api.security.user.AuthorizableExistsException in project jackrabbit by apache.

the class NotUserAdministratorTest method testCreateUserWithItermediatePath.

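/**
 * Verifies that a session without user-administrator rights cannot create a user below an
 * explicit intermediate path.
 *
 * <p>The attempt (creation followed by a save of the restricted session) must end in a
 * {@link RepositoryException}. An {@link AuthorizableExistsException} is reported as a failure:
 * it would mean the request was rejected for an ID conflict rather than for missing privileges.
 *
 * <p>If the access check regresses and the user is persisted, the {@code finally} block removes
 * it again so that the leaked account cannot influence later tests. In the earlier layout that
 * clean-up followed {@code fail(...)} and was therefore never executed.
 *
 * @throws NotExecutableException declared for the fixture helpers used here (not shown)
 */
public void testCreateUserWithItermediatePath() throws NotExecutableException {
    User created = null;
    try {
        Principal p = getTestPrincipal();
        created = uMgr.createUser(p.getName(), buildPassword(p), p, "/any/intermediate/path");
        save(uSession);
        fail("A non-UserAdmin should not be allowed to create a new User.");
    } catch (AuthorizableExistsException e) {
        // should never get here.
        fail(e.getMessage());
    } catch (RepositoryException e) {
        // success
    } finally {
        // clean-up: let superuser remove the user created by fault.
        // fail() throws, so this has to run from finally to be reachable at all.
        if (created != null) {
            try {
                String id = created.getID();
                // The user is only visible to userMgr if the restricted save went through;
                // a rejected save leaves nothing to remove.
                if (userMgr.getAuthorizable(id) != null) {
                    userMgr.getAuthorizable(id).remove();
                    // NOTE(review): as before, the removal is not saved explicitly here;
                    // confirm userMgr persists it (auto-save) or add the superuser save.
                }
            } catch (RepositoryException ignored) {
                // best-effort clean-up: must not replace the assertion failure raised above
            }
        }
    }
}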
Also used : AuthorizableExistsException(org.apache.jackrabbit.api.security.user.AuthorizableExistsException) User(org.apache.jackrabbit.api.security.user.User) RepositoryException(javax.jcr.RepositoryException) Principal(java.security.Principal)

Example 7 with AuthorizableExistsException

use of org.apache.jackrabbit.api.security.user.AuthorizableExistsException in project jackrabbit by apache.

the class NodeCreationTest method testIllegalChars.

/**
 * Checks how authorizable IDs containing characters that are illegal in JCR names are mapped
 * to node paths, and that ID conflicts between users and groups are still detected for them.
 *
 * <p>Each expected path is built with {@code Text.escapeIllegalJcrChars}, so the test pins the
 * escaped form of every intermediate folder as well as of the leaf node. The last two checks
 * assert that an ID already taken by a group cannot be reused for a user and vice versa.
 *
 * @throws RepositoryException if a repository operation fails unexpectedly
 * @throws NotExecutableException declared for the fixture helpers used here (not shown)
 */
public void testIllegalChars() throws RepositoryException, NotExecutableException {
    createUserManager(2, true, 2);

    UserImpl seedUser = (UserImpl) uMgr.createUser("z", "z");
    save(s);
    // the z-folder two levels above the user node is removed later on
    NodeImpl userFolder = (NodeImpl) seedUser.getNode().getParent().getParent();
    toRemove.add(userFolder);

    String zu = Text.escapeIllegalJcrChars("z*");
    String zur = Text.escapeIllegalJcrChars("z*r");
    String levelTwoPrefix = "/z/" + zu + "/";

    // uid -> expected node path relative to usersPath; insertion order is kept
    Map<String, String> expectedPaths = new ListOrderedMap();
    // illegal JCR chars in the uid, node ends up on level 2
    expectedPaths.put("z*rich", levelTwoPrefix + Text.escapeIllegalJcrChars("z*rich"));
    expectedPaths.put("z*riq", levelTwoPrefix + Text.escapeIllegalJcrChars("z*riq"));
    // uid too short for a third level, so still level 2
    expectedPaths.put("z*", levelTwoPrefix + zu);
    // node ends up on level 3
    expectedPaths.put("z*rik", levelTwoPrefix + zur + "/" + Text.escapeIllegalJcrChars("z*rik"));
    expectedPaths.put("z*.ri", levelTwoPrefix + Text.escapeIllegalJcrChars("z*.") + "/" + Text.escapeIllegalJcrChars("z*.ri"));

    for (Map.Entry<String, String> expected : expectedPaths.entrySet()) {
        String uid = expected.getKey();
        UserImpl created = (UserImpl) uMgr.createUser(uid, uid);
        save(s);
        assertEquals(usersPath + expected.getValue(), created.getNode().getPath());

        Authorizable lookedUp = uMgr.getAuthorizable(uid);
        assertNotNull("User with id " + uid + " must exist.", lookedUp);
        assertFalse("User with id " + uid + " must not be a group.", lookedUp.isGroup());
    }

    // same checks for a group whose ID contains illegal characters
    GroupImpl group = (GroupImpl) uMgr.createGroup(new TestPrincipal("z[x]"));
    save(s);
    // the z-folder of the group tree is removed later on as well
    NodeImpl groupFolder = (NodeImpl) group.getNode().getParent().getParent();
    toRemove.add(groupFolder);
    assertEquals("z[x]", group.getID());

    String escapedFolder = Text.escapeIllegalJcrChars("z[");
    String escapedLeaf = Text.escapeIllegalJcrChars("z[x]");
    String expectedPath = groupsPath + "/z/" + escapedFolder + "/" + escapedLeaf;
    assertEquals(expectedPath, group.getNode().getPath());

    Authorizable groupLookup = uMgr.getAuthorizable(group.getID());
    assertNotNull(groupLookup);
    assertTrue(groupLookup.isGroup());

    // an ID that belongs to a group must not be accepted for a new user ...
    try {
        uMgr.createUser("z[x]", "z[x]");
        save(s);
        fail("A group \"z[x]\" already exists.");
    } catch (AuthorizableExistsException e) {
        // expected: conflict detected
    }
    // ... and an ID that belongs to a user must not be accepted for a new group
    try {
        uMgr.createGroup(new TestPrincipal("z*rik"));
        save(s);
        fail("A user \"z*rik\" already exists");
    } catch (AuthorizableExistsException e) {
        // expected: conflict detected
    }
}
Also used : AuthorizableExistsException(org.apache.jackrabbit.api.security.user.AuthorizableExistsException) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) ListOrderedMap(org.apache.commons.collections.map.ListOrderedMap) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)

Example 8 with AuthorizableExistsException

use of org.apache.jackrabbit.api.security.user.AuthorizableExistsException in project jackrabbit by apache.

the class NodeCreationTest method testUUIDIsBuildCaseInsensitive.

/**
 * Verifies that user IDs differing only in letter case are treated as the same authorizable.
 *
 * <p>After "ZuRiCh" has been created and saved, creating "zurich" must be rejected with an
 * {@link AuthorizableExistsException}; the failure message states that the node UUID is built
 * from the case-insensitive user ID. This keeps two accounts from coexisting under IDs that
 * differ only by case.
 *
 * @throws RepositoryException if a repository operation fails unexpectedly
 * @throws NotExecutableException declared for the fixture helpers used here (not shown)
 */
public void testUUIDIsBuildCaseInsensitive() throws RepositoryException, NotExecutableException {
    createUserManager(2, true, 2);

    UserImpl mixedCaseUser = (UserImpl) uMgr.createUser("ZuRiCh", "z");
    save(s);
    // the z-folder two levels above the user node is removed later on
    NodeImpl zFolder = (NodeImpl) mixedCaseUser.getNode().getParent().getParent();
    toRemove.add(zFolder);

    try {
        // the conflict is expected at creation time, before any save
        uMgr.createUser("zurich", "z");
        fail("uuid is built from insensitive userID -> must conflict");
    } catch (AuthorizableExistsException e) {
        // expected: lower-case variant collides with the existing user
    }
}
Also used : AuthorizableExistsException(org.apache.jackrabbit.api.security.user.AuthorizableExistsException) User(org.apache.jackrabbit.api.security.user.User)

Example 9 with AuthorizableExistsException

use of org.apache.jackrabbit.api.security.user.AuthorizableExistsException in project jackrabbit-oak by apache.

the class UserImporter method handlePropInfo.

// -----------------------------------------< ProtectedPropertyImporter >---
/**
 * Imports one protected property of a user-management node.
 *
 * <p>Properties of a password node (as decided by {@code isPwdNode}) are delegated to
 * {@code importPwdNodeProperty}. For any other parent the tree must resolve to an
 * {@link Authorizable}; the property name then selects the handling: authorizable ID,
 * principal name, password, impersonators, disabled flag or group members. Every branch first
 * checks the property definition through {@code isValid} and, where relevant, whether the
 * authorizable is a user or a group, and declines the property if that check fails.
 *
 * @param parent tree the property is imported into
 * @param propInfo name and value(s) of the property being imported
 * @param def definition of the property, validated before anything is written
 * @return {@code true} if the property was handled here; {@code false} if the parent is not an
 *         authorizable, the definition or authorizable type does not match, or the property is
 *         not one this importer covers
 * @throws ConstraintViolationException if the imported authorizable ID does not resolve to an
 *         existing authorizable
 * @throws AuthorizableExistsException if the imported authorizable ID resolves to an
 *         authorizable located at a different path than {@code parent}
 * @throws RepositoryException if one of the underlying user-management calls fails
 */
@Override
public boolean handlePropInfo(@Nonnull Tree parent, @Nonnull PropInfo propInfo, @Nonnull PropertyDefinition def) throws RepositoryException {
    // presumably rejects use of the importer before it has been set up (helper not shown)
    checkInitialized();
    String propName = propInfo.getName();
    if (isPwdNode(parent)) {
        // rep:pwd handling is delegated to importPwdNodeProperty.
        // NOTE(review): the opening of the original comment is missing in this listing; the
        // surviving part reads:
        // the XML to be imported. see OAK-1943 for the corresponding discussion.
        return importPwdNodeProperty(parent, propInfo, def);
    } else {
        Authorizable a = userManager.getAuthorizable(parent);
        if (a == null) {
            log.debug("Cannot handle protected PropInfo " + propInfo + ". Node " + parent + " doesn't represent an Authorizable.");
            return false;
        }
        if (REP_AUTHORIZABLE_ID.equals(propName)) {
            if (!isValid(def, NT_REP_AUTHORIZABLE, false)) {
                return false;
            }
            String id = propInfo.getTextValue().getString();
            // The imported ID has to resolve to an authorizable that already exists ...
            Authorizable existing = userManager.getAuthorizable(id);
            if (existing == null) {
                String msg = "Cannot handle protected PropInfo " + propInfo + ". Invalid rep:authorizableId.";
                log.warn(msg);
                throw new ConstraintViolationException(msg);
            }
            // ... and that authorizable has to be the node being imported. An ID that belongs
            // to an authorizable at another path is a conflict and is never written.
            if (a.getPath().equals(existing.getPath())) {
                parent.setProperty(REP_AUTHORIZABLE_ID, id);
            } else {
                throw new AuthorizableExistsException(id);
            }
            return true;
        } else if (REP_PRINCIPAL_NAME.equals(propName)) {
            if (!isValid(def, NT_REP_AUTHORIZABLE, false)) {
                return false;
            }
            String principalName = propInfo.getTextValue().getString();
            Principal principal = new PrincipalImpl(principalName);
            // validate first, write second: an invalid principal never reaches the tree
            userManager.checkValidPrincipal(principal, a.isGroup());
            userManager.setPrincipal(parent, principal);
            /*
             Remember principal of new user/group for further processing
             of impersonators
             */
            if (principals == null) {
                principals = new HashMap<String, Principal>();
            }
            // NOTE(review): the map stores a.getPrincipal(), not the `principal` instance built
            // above; presumably equivalent once setPrincipal has run - confirm.
            principals.put(principalName, a.getPrincipal());
            return true;
        } else if (REP_PASSWORD.equals(propName)) {
            // passwords are only accepted for users ...
            if (a.isGroup() || !isValid(def, NT_REP_USER, false)) {
                log.warn("Unexpected authorizable or definition for property rep:password");
                return false;
            }
            // ... and never for system users
            if (((User) a).isSystemUser()) {
                log.warn("System users may not have a password set.");
                return false;
            }
            // pw is the credential value exactly as imported; keep it out of log statements.
            String pw = propInfo.getTextValue().getString();
            // NOTE(review): the trailing `false` presumably controls whether the value is
            // hashed unconditionally - confirm against userManager's setPassword.
            userManager.setPassword(parent, a.getID(), pw, false);
            // retained in a field for use outside this method (consumer not shown here)
            currentPw = pw;
            return true;
        } else if (REP_IMPERSONATORS.equals(propName)) {
            if (a.isGroup() || !isValid(def, MIX_REP_IMPERSONATABLE, true)) {
                log.warn("Unexpected authorizable or definition for property rep:impersonators");
                return false;
            }
            // since impersonators may be imported later on, postpone processing
            // to the end.
            // see -> process References
            referenceTracker.processedReference(new Impersonators(parent.getPath(), propInfo.getTextValues()));
            return true;
        } else if (REP_DISABLED.equals(propName)) {
            if (a.isGroup() || !isValid(def, NT_REP_USER, false)) {
                log.warn("Unexpected authorizable or definition for property rep:disabled");
                return false;
            }
            // the imported text value is handed to disable() as its argument
            ((User) a).disable(propInfo.getTextValue().getString());
            return true;
        } else if (REP_MEMBERS.equals(propName)) {
            // members are only accepted on groups; unlike the branches above, a mismatch is
            // declined without a log entry
            if (!a.isGroup() || !isValid(def, NT_REP_MEMBER_REFERENCES, true)) {
                return false;
            }
            // since group-members are references to user/groups that potentially
            // are to be imported later on -> postpone processing to the end.
            // see -> process References
            getMembership(a.getPath()).addMembers(propInfo.getTextValues());
            return true;
        }
        // another protected property -> return false
    }
    // neither rep:pwd nor authorizable node -> not covered by this importer.
    return false;
}
Also used : AuthorizableExistsException(org.apache.jackrabbit.api.security.user.AuthorizableExistsException) User(org.apache.jackrabbit.api.security.user.User) HashMap(java.util.HashMap) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) ConstraintViolationException(javax.jcr.nodetype.ConstraintViolationException) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Principal(java.security.Principal)

Example 10 with AuthorizableExistsException

use of org.apache.jackrabbit.api.security.user.AuthorizableExistsException in project jackrabbit-oak by apache.

the class UserManagerTest method testCreateGroupWithExistingPrincipal3.

/**
 * Verifies that a principal already bound to a user cannot be reused when creating a group.
 *
 * <p>The user is created with an ID that differs from the principal name, so the expected
 * {@link AuthorizableExistsException} can only stem from the principal being in use, not from
 * an ID clash. Both authorizables are removed again in {@code finally} blocks, including a
 * group that was created by mistake.
 *
 * @throws RepositoryException if a repository operation fails unexpectedly
 * @throws NotExecutableException declared for the fixture helpers used here (not shown)
 */
@Test
public void testCreateGroupWithExistingPrincipal3() throws RepositoryException, NotExecutableException {
    Principal sharedPrincipal = getTestPrincipal();
    String userId = createUserId();
    // precondition: ID and principal name are distinct
    assertFalse(userId.equals(sharedPrincipal.getName()));

    User principalOwner = null;
    try {
        // bind the principal to a user first
        principalOwner = userMgr.createUser(userId, "pw", sharedPrincipal, null);
        superuser.save();

        // a group asking for the same principal must be rejected
        Group conflictingGroup = null;
        try {
            conflictingGroup = userMgr.createGroup(createGroupId(), sharedPrincipal, null);
            fail("Principal " + sharedPrincipal.getName() + " is already in use -> must throw AuthorizableExistsException.");
        } catch (AuthorizableExistsException e) {
            // expected: principal is already taken
        } finally {
            // only reached with a non-null group if the creation wrongly succeeded
            if (conflictingGroup != null) {
                conflictingGroup.remove();
                superuser.save();
            }
        }
    } finally {
        if (principalOwner != null) {
            principalOwner.remove();
            superuser.save();
        }
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) AuthorizableExistsException(org.apache.jackrabbit.api.security.user.AuthorizableExistsException) User(org.apache.jackrabbit.api.security.user.User) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Test(org.junit.Test)

Aggregations

AuthorizableExistsException (org.apache.jackrabbit.api.security.user.AuthorizableExistsException)21 User (org.apache.jackrabbit.api.security.user.User)14 Principal (java.security.Principal)13 Group (org.apache.jackrabbit.api.security.user.Group)13 Test (org.junit.Test)8 TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)7 EveryonePrincipal (org.apache.jackrabbit.core.security.principal.EveryonePrincipal)6 RepositoryException (javax.jcr.RepositoryException)3 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)3 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)3 HashMap (java.util.HashMap)1 ConstraintViolationException (javax.jcr.nodetype.ConstraintViolationException)1 ListOrderedMap (org.apache.commons.collections.map.ListOrderedMap)1 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)1