Examples with UserManager org.apache.jackrabbit.api.security.user.UserManager used on opensource projects

Example 16 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit by apache.

the class TokenProviderTest method setUp.

@Override
protected void setUp() throws Exception {
    super.setUp();
    if (superuser instanceof SessionImpl) {
        UserManager umgr = ((SessionImpl) superuser).getUserManager();
        if (!umgr.isAutoSave()) {
            umgr.autoSave(true);
        }
        String uid = "test";
        while (umgr.getAuthorizable(uid) != null) {
            uid += "_";
        }
        testuser = umgr.createUser(uid, uid);
        userId = testuser.getID();
    } else {
        throw new NotExecutableException();
    }
    if (superuser.nodeExists(((ItemBasedPrincipal) testuser.getPrincipal()).getPath())) {
        session = (SessionImpl) superuser;
    } else {
        session = (SessionImpl) getHelper().getSuperuserSession("security");
    }
    tokenProvider = new TokenProvider((SessionImpl) session, TokenBasedAuthentication.TOKEN_EXPIRATION);
}

Example 17 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit by apache.

the class AccessControlImporterTest method testImportPrincipalBasedACL.

/**
     * Imports a principal-based ACL containing a single entry mist fail with
     * the default configuration.
     *
     * @throws Exception
     */
public void testImportPrincipalBasedACL() throws Exception {
    JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) sImpl.getAccessControlManager();
    if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 || acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
        // test expects that only resource-based acl is supported
        throw new NotExecutableException();
    }
    PrincipalManager pmgr = sImpl.getPrincipalManager();
    if (!pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
        UserManager umgr = sImpl.getUserManager();
        umgr.createGroup(new PrincipalImpl(SecurityConstants.ADMINISTRATORS_NAME));
        if (!umgr.isAutoSave()) {
            sImpl.save();
        }
        if (pmgr.hasPrincipal(SecurityConstants.ADMINISTRATORS_NAME)) {
            throw new NotExecutableException();
        }
    }
    NodeImpl target;
    NodeImpl root = (NodeImpl) sImpl.getRootNode();
    if (!root.hasNode(AccessControlConstants.N_ACCESSCONTROL)) {
        target = root.addNode(AccessControlConstants.N_ACCESSCONTROL, AccessControlConstants.NT_REP_ACCESS_CONTROL, null);
    } else {
        target = root.getNode(AccessControlConstants.N_ACCESSCONTROL);
        if (!target.isNodeType(AccessControlConstants.NT_REP_ACCESS_CONTROL)) {
            target.setPrimaryType(sImpl.getJCRName(AccessControlConstants.NT_REP_ACCESS_CONTROL));
        }
    }
    try {
        InputStream in = new ByteArrayInputStream(XML_AC_TREE.getBytes("UTF-8"));
        SessionImporter importer = new SessionImporter(target, sImpl, ImportUUIDBehavior.IMPORT_UUID_COLLISION_THROW, new PseudoConfig());
        ImportHandler ih = new ImportHandler(importer, sImpl);
        new ParsingContentHandler(ih).parse(in);
        fail("Default config only allows resource-based ACL -> protected import must fail");
    } catch (SAXException e) {
        if (e.getException() instanceof ConstraintViolationException) {
        // success
        } else {
            throw e;
        }
    } finally {
        superuser.refresh(false);
    }
}

Example 18 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class AbstractPrincipalProviderTest method testFindUserPrincipal.

@Test
public void testFindUserPrincipal() throws Exception {
    User testUser = null;
    try {
        UserManager userMgr = getUserManager(root);
        testUser = userMgr.createUser("TestUser", "pw");
        root.commit();
        String principalName = testUser.getPrincipal().getName();
        assertNotNull(principalProvider.getPrincipal(principalName));
        List<String> nameHints = new ArrayList<String>();
        nameHints.add("TestUser");
        nameHints.add("Test");
        nameHints.add("User");
        nameHints.add("stUs");
        assertResult(principalProvider, nameHints, principalName, PrincipalManager.SEARCH_TYPE_NOT_GROUP, true);
        assertResult(principalProvider, nameHints, principalName, PrincipalManager.SEARCH_TYPE_ALL, true);
        assertResult(principalProvider, nameHints, principalName, PrincipalManager.SEARCH_TYPE_GROUP, false);
    } finally {
        if (testUser != null) {
            testUser.remove();
            root.commit();
        }
    }
}

Example 19 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit-oak by apache.

the class ItemNameRestrictionTest method before.

@Override
public void before() throws Exception {
    super.before();
    Tree rootTree = root.getTree("/");
    NodeUtil f = new NodeUtil(rootTree).getOrAddTree("a/d/b/e/c/f", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
    NodeUtil c = f.getParent();
    c.setString("prop", "value");
    c.setString("a", "value");
    testPrincipal = getTestUser().getPrincipal();
    AccessControlManager acMgr = getAccessControlManager(root);
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/a");
    vf = new ValueFactoryImpl(root, NamePathMapper.DEFAULT);
    acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_ADD_PROPERTIES, PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_REMOVE_NODE), true, Collections.<String, Value>emptyMap(), ImmutableMap.of(AccessControlConstants.REP_ITEM_NAMES, new Value[] { vf.createValue("a", PropertyType.NAME), vf.createValue("b", PropertyType.NAME), vf.createValue("c", PropertyType.NAME) }));
    acMgr.setPolicy(acl.getPath(), acl);
    UserManager uMgr = getUserManager(root);
    testGroup = uMgr.createGroup("testGroup" + UUID.randomUUID());
    root.commit();
    testSession = createTestSession();
}

Example 20 with UserManager

use of org.apache.jackrabbit.api.security.user.UserManager in project jackrabbit by apache.

the class UserAccessControlProvider method init.

//----------------------------------------------< AccessControlProvider >---
/**
     * @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#init(Session, Map)
     */
@Override
public void init(Session systemSession, Map configuration) throws RepositoryException {
    super.init(systemSession, configuration);
    if (systemSession instanceof SessionImpl) {
        SessionImpl sImpl = (SessionImpl) systemSession;
        String userAdminName = (configuration.containsKey(USER_ADMIN_GROUP_NAME)) ? configuration.get(USER_ADMIN_GROUP_NAME).toString() : USER_ADMIN_GROUP_NAME;
        String groupAdminName = (configuration.containsKey(GROUP_ADMIN_GROUP_NAME)) ? configuration.get(GROUP_ADMIN_GROUP_NAME).toString() : GROUP_ADMIN_GROUP_NAME;
        // make sure the groups exist (and possibly create them).
        UserManager uMgr = sImpl.getUserManager();
        userAdminGroup = initGroup(uMgr, userAdminName);
        if (userAdminGroup != null && userAdminGroup instanceof ItemBasedPrincipal) {
            userAdminGroupPath = ((ItemBasedPrincipal) userAdminGroup).getPath();
        }
        groupAdminGroup = initGroup(uMgr, groupAdminName);
        if (groupAdminGroup != null && groupAdminGroup instanceof ItemBasedPrincipal) {
            groupAdminGroupPath = ((ItemBasedPrincipal) groupAdminGroup).getPath();
        }
        Principal administrators = initGroup(uMgr, SecurityConstants.ADMINISTRATORS_NAME);
        if (administrators != null && administrators instanceof ItemBasedPrincipal) {
            administratorsGroupPath = ((ItemBasedPrincipal) administrators).getPath();
        }
        usersPath = (uMgr instanceof UserManagerImpl) ? ((UserManagerImpl) uMgr).getUsersPath() : UserConstants.USERS_PATH;
        groupsPath = (uMgr instanceof UserManagerImpl) ? ((UserManagerImpl) uMgr).getGroupsPath() : UserConstants.GROUPS_PATH;
        membersInProperty = !(uMgr instanceof UserManagerImpl) || !((UserManagerImpl) uMgr).hasMemberSplitSize();
        if (configuration.containsKey(PARAM_ANONYMOUS_ID)) {
            anonymousId = (String) configuration.get(PARAM_ANONYMOUS_ID);
        } else {
            anonymousId = SecurityConstants.ANONYMOUS_ID;
        }
        if (configuration.containsKey(PARAM_ANONYMOUS_ACCESS)) {
            anonymousAccess = Boolean.parseBoolean((String) configuration.get(PARAM_ANONYMOUS_ACCESS));
        } else {
            anonymousAccess = true;
        }
    } else {
        throw new RepositoryException("SessionImpl (system session) expected.");
    }
}