Examples with UserManager - org.apache.jackrabbit.api.security.user.UserManager

Example 91 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class UserManagementTest method testRemoveUser2.

@Test
public void testRemoveUser2() throws Exception {
    createUser(userId);
    // testSession has user-mgt permission -> removal should succeed.
    Privilege[] privs = privilegesFromNames(new String[] { PrivilegeConstants.REP_USER_MANAGEMENT, PrivilegeConstants.REP_WRITE });
    allow("/", privs);
    UserManager testUserMgr = getUserManager(testSession);
    Authorizable a = testUserMgr.getAuthorizable(userId);
    a.remove();
    testSession.save();
}

Also used : UserManager(org.apache.jackrabbit.api.security.user.UserManager) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Privilege(javax.jcr.security.Privilege) Test(org.junit.Test)

Example 92 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class UserManagementTest method testCreateGroup2.

@Test
public void testCreateGroup2() throws Exception {
    UserManager testUserMgr = getUserManager(testSession);
    Privilege[] privs = privilegesFromNames(new String[] { PrivilegeConstants.REP_USER_MANAGEMENT, PrivilegeConstants.REP_WRITE });
    allow("/", privs);
    // creating group should succeed
    Group gr = testUserMgr.createGroup(groupId);
    testSession.save();
}

Also used : Group(org.apache.jackrabbit.api.security.user.Group) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Privilege(javax.jcr.security.Privilege) Test(org.junit.Test)

Example 93 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class UserManagementTest method testChangeUserPropertiesWithoutPermission2.

@Test
public void testChangeUserPropertiesWithoutPermission2() throws Exception {
    createUser(userId);
    // testSession has read and user-mgt permission but lacks permission to
    // alter regular properties
    modify("/", PrivilegeConstants.REP_USER_MANAGEMENT, true);
    UserManager testUserMgr = getUserManager(testSession);
    try {
        Authorizable a = testUserMgr.getAuthorizable(userId);
        a.setProperty("someProp", testSession.getValueFactory().createValue("value"));
        testSession.save();
        fail("Test session doesn't have sufficient permission to alter user properties.");
    } catch (AccessDeniedException e) {
    // success
    }
}

Also used : AccessDeniedException(javax.jcr.AccessDeniedException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Test(org.junit.Test)

Example 94 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class UserManagementTest method testDisableUser.

@Test
public void testDisableUser() throws Exception {
    createUser(userId);
    // after granting user-mgt privilege changing the pw must succeed.
    modify("/", PrivilegeConstants.REP_USER_MANAGEMENT, true);
    UserManager testUserMgr = getUserManager(testSession);
    User user = (User) testUserMgr.getAuthorizable(userId);
    user.disable("disabled!");
    testSession.save();
}

Also used : User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Test(org.junit.Test)

Example 95 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class UserManagementTest method testCreateUserWithoutPermission.

@Test
public void testCreateUserWithoutPermission() throws Exception {
    UserManager testUserMgr = getUserManager(testSession);
    // testSession has read-only access
    try {
        testUserMgr.createUser(userId, "pw");
        testSession.save();
        fail("Test session doesn't have sufficient permission -> creating user should fail.");
    } catch (AccessDeniedException e) {
    // success
    }
    // testSession has write permission but no user-mgt permission
    // -> should still fail
    modify("/", PrivilegeConstants.REP_WRITE, true);
    try {
        testUserMgr.createUser(userId, "pw");
        testSession.save();
        fail("Test session doesn't have sufficient permission -> creating user should fail.");
    } catch (AccessDeniedException e) {
    // success
    }
}

Also used : AccessDeniedException(javax.jcr.AccessDeniedException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Test(org.junit.Test)

Aggregations

UserManager (org.apache.jackrabbit.api.security.user.UserManager)234 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)93 Test (org.junit.Test)90 Group (org.apache.jackrabbit.api.security.user.Group)81 User (org.apache.jackrabbit.api.security.user.User)72 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)52 Session (javax.jcr.Session)45 RepositoryException (javax.jcr.RepositoryException)40 Principal (java.security.Principal)38 SimpleCredentials (javax.jcr.SimpleCredentials)34 AccessDeniedException (javax.jcr.AccessDeniedException)19 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)19 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)19 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)17 Node (javax.jcr.Node)15 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)14 Value (javax.jcr.Value)11 Root (org.apache.jackrabbit.oak.api.Root)11 AccessControlManager (javax.jcr.security.AccessControlManager)9 ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)9