Example 61 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class PermissionProviderImplTest method after.
@Override
public void after() throws Exception {
try {
root.getTree("/test").remove();
UserManager uMgr = getUserManager(root);
if (adminstrators != null) {
uMgr.getAuthorizable(adminstrators.getID()).remove();
}
if (root.hasPendingChanges()) {
root.commit();
}
} finally {
super.after();
}
}
Also used :
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Example 62 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class PermissionProviderImplTest method before.
@Override
public void before() throws Exception {
super.before();
new NodeUtil(root.getTree("/")).addChild("test", JcrConstants.NT_UNSTRUCTURED);
UserManager uMgr = getUserManager(root);
adminstrators = uMgr.createGroup(ADMINISTRATOR_GROUP);
root.commit();
config = getSecurityProvider().getConfiguration(AuthorizationConfiguration.class);
}
Also used :
AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil)
Example 63 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit by apache.
the class TokenProviderTest method setUp.
@Override
protected void setUp() throws Exception {
super.setUp();
if (superuser instanceof SessionImpl) {
UserManager umgr = ((SessionImpl) superuser).getUserManager();
if (!umgr.isAutoSave()) {
umgr.autoSave(true);
}
String uid = "test";
while (umgr.getAuthorizable(uid) != null) {
uid += "_";
}
testuser = umgr.createUser(uid, uid);
userId = testuser.getID();
} else {
throw new NotExecutableException();
}
if (superuser.nodeExists(((ItemBasedPrincipal) testuser.getPrincipal()).getPath())) {
session = (SessionImpl) superuser;
} else {
session = (SessionImpl) getHelper().getSuperuserSession("security");
}
tokenProvider = new TokenProvider((SessionImpl) session, TokenBasedAuthentication.TOKEN_EXPIRATION);
}
Also used :
NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
SessionImpl(org.apache.jackrabbit.core.SessionImpl)
Example 64 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit by apache.
the class AccessControlImporterTest method testImportPrincipalBasedACL.
/**
* Imports a principal-based ACL containing a single entry mist fail with
* the default configuration.
*
* @throws Exception
*/
public void testImportPrincipalBasedACL() throws Exception {
JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) sImpl.getAccessControlManager();
if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 || acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
// test expects that only resource-based acl is supported
throw new NotExecutableException();
}
PrincipalManager pmgr = sImpl.getPrincipalManager();
if (!pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
UserManager umgr = sImpl.getUserManager();
umgr.createGroup(new PrincipalImpl(SecurityConstants.ADMINISTRATORS_NAME));
if (!umgr.isAutoSave()) {
sImpl.save();
}
if (pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
throw new NotExecutableException();
}
}
NodeImpl target;
NodeImpl root = (NodeImpl) sImpl.getRootNode();
if (!root.hasNode(AccessControlConstants.N_ACCESSCONTROL)) {
target = root.addNode(AccessControlConstants.N_ACCESSCONTROL, AccessControlConstants.NT_REP_ACCESS_CONTROL, null);
} else {
target = root.getNode(AccessControlConstants.N_ACCESSCONTROL);
if (!target.isNodeType(AccessControlConstants.NT_REP_ACCESS_CONTROL)) {
target.setPrimaryType(sImpl.getJCRName(AccessControlConstants.NT_REP_ACCESS_CONTROL));
}
}
try {
InputStream in = new ByteArrayInputStream(XML_AC_TREE.getBytes("UTF-8"));
SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
ImportHandler ih = new ImportHandler(importer, sImpl);
new ParsingContentHandler(ih).parse(in);
fail("Default config only allows resource-based ACL -> protected import must fail");
} catch (SAXException e) {
if (e.getException() instanceof ConstraintViolationException) {
// success
} else {
throw e;
}
} finally {
superuser.refresh(false);
}
}
Also used :
JackrabbitAccessControlManager(org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ParsingContentHandler(org.apache.jackrabbit.commons.xml.ParsingContentHandler)
SAXException(org.xml.sax.SAXException)
NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
ConstraintViolationException(javax.jcr.nodetype.ConstraintViolationException)
PrincipalImpl(org.apache.jackrabbit.core.security.principal.PrincipalImpl)
Example 65 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class PrincipalProviderImplTest method testEveryoneMembers.
@Test
public void testEveryoneMembers() throws Exception {
Principal everyone = principalProvider.getPrincipal(EveryonePrincipal.NAME);
assertTrue(everyone instanceof EveryonePrincipal);
Group everyoneGroup = null;
try {
UserManager userMgr = getUserManager(root);
everyoneGroup = userMgr.createGroup(EveryonePrincipal.NAME);
root.commit();
Principal ep = principalProvider.getPrincipal(EveryonePrincipal.NAME);
Set<? extends Principal> everyoneMembers = ImmutableSet.copyOf(Collections.list(((java.security.acl.Group) ep).members()));
Iterator<? extends Principal> all = principalProvider.findPrincipals(PrincipalManager.SEARCH_TYPE_ALL);
while (all.hasNext()) {
Principal p = all.next();
if (everyone.equals(p)) {
assertFalse(everyoneMembers.contains(p));
} else {
assertTrue(everyoneMembers.contains(p));
}
}
} finally {
if (everyoneGroup != null) {
everyoneGroup.remove();
root.commit();
}
}
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Principal(java.security.Principal)
EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)
EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)
Test(org.junit.Test)
Aggregations
UserManager (org.apache.jackrabbit.api.security.user.UserManager)234
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)93
Test (org.junit.Test)90
Group (org.apache.jackrabbit.api.security.user.Group)81
User (org.apache.jackrabbit.api.security.user.User)72
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)52
Session (javax.jcr.Session)45
RepositoryException (javax.jcr.RepositoryException)40
Principal (java.security.Principal)38
SimpleCredentials (javax.jcr.SimpleCredentials)34
AccessDeniedException (javax.jcr.AccessDeniedException)19
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)19
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)19
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)17
Node (javax.jcr.Node)15
PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)14
Value (javax.jcr.Value)11
Root (org.apache.jackrabbit.oak.api.Root)11
AccessControlManager (javax.jcr.security.AccessControlManager)9
ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)9
