Example 96 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class UserManagementTest method testCreateUser2.
@Test
public void testCreateUser2() throws Exception {
UserManager testUserMgr = getUserManager(testSession);
Privilege[] privs = privilegesFromNames(new String[] { PrivilegeConstants.REP_USER_MANAGEMENT, PrivilegeConstants.REP_WRITE });
allow("/", privs);
// creating user should succeed
testUserMgr.createUser(userId, "pw");
testSession.save();
}
Also used :
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Privilege(javax.jcr.security.Privilege)
Test(org.junit.Test)
Example 97 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class UserManagementTest method testRemoveUser.
@Test
public void testRemoveUser() throws Exception {
createUser(userId);
// testSession has user-mgt permission -> removal should succeed.
modify("/", PrivilegeConstants.REP_USER_MANAGEMENT, true);
UserManager testUserMgr = getUserManager(testSession);
Authorizable a = testUserMgr.getAuthorizable(userId);
a.remove();
testSession.save();
}
Also used :
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
Test(org.junit.Test)
Example 98 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class UserManagementTest method testCreateWithoutReadAccess.
@Test
public void testCreateWithoutReadAccess() throws Exception {
UserManager testUserMgr = getUserManager(testSession);
deny("/", privilegesFromName(PrivilegeConstants.JCR_READ));
allow("/", privilegesFromName(PrivilegeConstants.REP_USER_MANAGEMENT));
try {
Group gr = testUserMgr.createGroup(groupId);
testSession.save();
fail("Creating group without read-access on the folder node should fail");
} catch (AccessDeniedException e) {
// success
}
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
AccessDeniedException(javax.jcr.AccessDeniedException)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Test(org.junit.Test)
Example 99 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class UserManagementTest method tearDown.
@Override
@Before
public void tearDown() throws Exception {
try {
testSession.refresh(false);
superuser.refresh(false);
UserManager userMgr = getUserManager(superuser);
for (String id : authorizablesToRemove) {
Authorizable a = userMgr.getAuthorizable(id);
if (a != null) {
a.remove();
}
}
superuser.save();
} finally {
super.tearDown();
}
}
Also used :
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
Before(org.junit.Before)
Example 100 with UserManager
use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.
the class UserManagementTest method testGlobRestriction.
@Test
public void testGlobRestriction() throws Exception {
String groupHome = Text.getRelativeParent(UserConstants.DEFAULT_GROUP_PATH, 1);
Privilege[] privs = privilegesFromName(PrivilegeConstants.REP_USER_MANAGEMENT);
allow(groupHome, privs);
deny(groupHome, privs, createGlobRestriction("*/" + UserConstants.REP_MEMBERS));
UserManager testUserMgr = getUserManager(testSession);
// creating a new group must be allow
Group gr = testUserMgr.createGroup(groupId);
testSession.save();
// modifying group membership must be denied
try {
gr.addMember(testUserMgr.getAuthorizable(testSession.getUserID()));
testSession.save();
fail();
} catch (AccessDeniedException e) {
// success
} finally {
testSession.refresh(false);
}
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
AccessDeniedException(javax.jcr.AccessDeniedException)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Privilege(javax.jcr.security.Privilege)
Test(org.junit.Test)
Aggregations
UserManager (org.apache.jackrabbit.api.security.user.UserManager)234
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)93
Test (org.junit.Test)90
Group (org.apache.jackrabbit.api.security.user.Group)81
User (org.apache.jackrabbit.api.security.user.User)72
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)52
Session (javax.jcr.Session)45
RepositoryException (javax.jcr.RepositoryException)40
Principal (java.security.Principal)38
SimpleCredentials (javax.jcr.SimpleCredentials)34
AccessDeniedException (javax.jcr.AccessDeniedException)19
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)19
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)19
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)17
Node (javax.jcr.Node)15
PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)14
Value (javax.jcr.Value)11
Root (org.apache.jackrabbit.oak.api.Root)11
AccessControlManager (javax.jcr.security.AccessControlManager)9
ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)9
