use of org.apache.jackrabbit.api.security.user.Impersonation in project jackrabbit by apache.
the class GroupAdministratorTest method testImpersonationOfOtherUser.
public void testImpersonationOfOtherUser() throws RepositoryException, NotExecutableException {
UserManager umgr = getUserManager(uSession);
Principal selfPrinc = umgr.getAuthorizable(uID).getPrincipal();
User child = (User) umgr.getAuthorizable(getYetAnotherID());
Impersonation impers = child.getImpersonation();
assertFalse(impers.allows(buildSubject(selfPrinc)));
try {
assertFalse(impers.grantImpersonation(selfPrinc));
save(uSession);
} catch (AccessDeniedException e) {
// ok.
}
assertFalse(impers.allows(buildSubject(selfPrinc)));
User parent = (User) umgr.getAuthorizable(otherUID);
impers = parent.getImpersonation();
assertFalse(impers.allows(buildSubject(selfPrinc)));
try {
assertFalse(impers.grantImpersonation(selfPrinc));
save(uSession);
} catch (AccessDeniedException e) {
// ok.
}
assertFalse(impers.allows(buildSubject(selfPrinc)));
}
use of org.apache.jackrabbit.api.security.user.Impersonation in project jackrabbit by apache.
the class ImpersonationImplTest method testSystemPrincipalAsImpersonator.
public void testSystemPrincipalAsImpersonator() throws RepositoryException {
Principal systemPrincipal = new SystemPrincipal();
assertNull(userMgr.getAuthorizable(systemPrincipal));
// system cannot be add/remove to set of impersonators of 'u' nor
// should it be allowed to impersonate a given user...
User u = (User) userMgr.getAuthorizable(uID);
Impersonation impersonation = u.getImpersonation();
assertFalse(impersonation.grantImpersonation(systemPrincipal));
assertFalse(impersonation.revokeImpersonation(systemPrincipal));
assertFalse(impersonation.allows(buildSubject(systemPrincipal)));
}
use of org.apache.jackrabbit.api.security.user.Impersonation in project jackrabbit by apache.
the class ImpersonationImplTest method testAdminPrincipalAsImpersonator.
public void testAdminPrincipalAsImpersonator() throws RepositoryException, NotExecutableException {
String adminId = superuser.getUserID();
Authorizable a = userMgr.getAuthorizable(adminId);
if (a == null || a.isGroup() || !((User) a).isAdmin()) {
throw new NotExecutableException(adminId + " is not administators ID");
}
Principal adminPrincipal = new AdminPrincipal(adminId);
// admin cannot be add/remove to set of impersonators of 'u' but is
// always allowed to impersonate that user.
User u = (User) userMgr.getAuthorizable(uID);
Impersonation impersonation = u.getImpersonation();
assertFalse(impersonation.grantImpersonation(adminPrincipal));
assertFalse(impersonation.revokeImpersonation(adminPrincipal));
assertTrue(impersonation.allows(buildSubject(adminPrincipal)));
// same if the impersonation object of the admin itself is used.
Impersonation adminImpersonation = ((User) a).getImpersonation();
assertFalse(adminImpersonation.grantImpersonation(adminPrincipal));
assertFalse(adminImpersonation.revokeImpersonation(adminPrincipal));
assertTrue(impersonation.allows(buildSubject(adminPrincipal)));
}
Aggregations