use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.
the class WriteTest method testEditor2.
public void testEditor2() throws NotExecutableException, RepositoryException {
UserManager uMgr = getUserManager(superuser);
User u = null;
User u2 = null;
try {
u = uMgr.createUser("t", "t");
u2 = uMgr.createUser("tt", "tt", new TestPrincipal("tt"), "t/tt");
if (!uMgr.isAutoSave()) {
superuser.save();
}
Principal p = u.getPrincipal();
Principal p2 = u2.getPrincipal();
if (p instanceof ItemBasedPrincipal && p2 instanceof ItemBasedPrincipal && Text.isDescendant(((ItemBasedPrincipal) p).getPath(), ((ItemBasedPrincipal) p2).getPath())) {
JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);
JackrabbitAccessControlPolicy[] acls = acMgr.getApplicablePolicies(p2);
acMgr.setPolicy(acls[0].getPath(), acls[0]);
acls = acMgr.getApplicablePolicies(p);
String path = acls[0].getPath();
Node n = superuser.getNode(path);
assertEquals("rep:PrincipalAccessControl", n.getPrimaryNodeType().getName());
} else {
throw new NotExecutableException();
}
} finally {
superuser.refresh(false);
if (u2 != null)
u2.remove();
if (u != null)
u.remove();
if (!uMgr.isAutoSave()) {
superuser.save();
}
}
}
use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.
the class WriteTest method testMultipleGroupPermissionsOnNode2.
public void testMultipleGroupPermissionsOnNode2() throws NotExecutableException, RepositoryException {
Group testGroup = getTestGroup();
/* create a second group the test user is member of */
Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
UserManager umgr = getUserManager(superuser);
Group group2 = umgr.createGroup(principal);
try {
group2.addMember(testUser);
if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
superuser.save();
}
/* add privileges for the Group the test-user is member of */
Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
withdrawPrivileges(path, testGroup.getPrincipal(), privileges, getRestrictions(superuser, path));
givePrivileges(path, group2.getPrincipal(), privileges, getRestrictions(superuser, path));
/*
testuser must get the permissions/privileges inherited from
the group it is member of.
granting permissions for group2 must be effective
*/
String actions = javax.jcr.Session.ACTION_SET_PROPERTY + "," + javax.jcr.Session.ACTION_READ;
AccessControlManager testAcMgr = getTestACManager();
assertTrue(getTestSession().hasPermission(path, actions));
Privilege[] privs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
assertTrue(testAcMgr.hasPrivileges(path, privs));
} finally {
group2.remove();
}
}
use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.
the class WriteTest method testReorderGroupPermissions.
public void testReorderGroupPermissions() throws NotExecutableException, RepositoryException {
Group testGroup = getTestGroup();
/* create a second group the test user is member of */
Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
UserManager umgr = getUserManager(superuser);
Group group2 = umgr.createGroup(principal);
try {
group2.addMember(testUser);
if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
superuser.save();
}
/* add privileges for the Group the test-user is member of */
Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
withdrawPrivileges(path, testGroup.getPrincipal(), privileges, getRestrictions(superuser, path));
givePrivileges(path, group2.getPrincipal(), privileges, getRestrictions(superuser, path));
/*
testuser must get the permissions/privileges inherited from
the group it is member of.
granting permissions for group2 must be effective
*/
String actions = javax.jcr.Session.ACTION_SET_PROPERTY + "," + javax.jcr.Session.ACTION_READ;
AccessControlManager testAcMgr = getTestACManager();
assertTrue(getTestSession().hasPermission(path, actions));
Privilege[] privs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
assertTrue(testAcMgr.hasPrivileges(path, privs));
// reorder the ACEs
AccessControlEntry srcEntry = null;
AccessControlEntry destEntry = null;
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) acMgr.getPolicies(path)[0];
for (AccessControlEntry entry : acl.getAccessControlEntries()) {
Principal princ = entry.getPrincipal();
if (testGroup.getPrincipal().equals(princ)) {
destEntry = entry;
} else if (group2.getPrincipal().equals(princ)) {
srcEntry = entry;
}
}
acl.orderBefore(srcEntry, destEntry);
acMgr.setPolicy(path, acl);
superuser.save();
/* after reordering the permissions must be denied */
assertFalse(getTestSession().hasPermission(path, actions));
assertFalse(testAcMgr.hasPrivileges(path, privs));
} finally {
group2.remove();
}
}
use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.
the class WriteTest method testMultipleGroupPermissionsOnNode.
public void testMultipleGroupPermissionsOnNode() throws NotExecutableException, RepositoryException {
Group testGroup = getTestGroup();
/* create a second group the test user is member of */
Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
UserManager umgr = getUserManager(superuser);
Group group2 = umgr.createGroup(principal);
try {
group2.addMember(testUser);
if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
superuser.save();
}
/* add privileges for the Group the test-user is member of */
Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
givePrivileges(path, testGroup.getPrincipal(), privileges, getRestrictions(superuser, path));
withdrawPrivileges(path, group2.getPrincipal(), privileges, getRestrictions(superuser, path));
/*
testuser must get the permissions/privileges inherited from
the group it is member of.
the denial of group2 must succeed
*/
String actions = javax.jcr.Session.ACTION_SET_PROPERTY + "," + javax.jcr.Session.ACTION_READ;
AccessControlManager testAcMgr = getTestACManager();
assertFalse(getTestSession().hasPermission(path, actions));
Privilege[] privs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
assertFalse(testAcMgr.hasPrivileges(path, privs));
} finally {
group2.remove();
}
}
use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.
the class DefaultPrincipalProviderTest method testCacheDoesntContainTestPrincipalImpl.
/**
*
* @throws Exception
*/
public void testCacheDoesntContainTestPrincipalImpl() throws Exception {
Set<Principal> principals = getPrincipalSetFromSession(superuser);
for (Principal p : principals) {
Principal testPrinc = new TestPrincipal(p.getName());
principalProvider.getGroupMembership(testPrinc);
Principal fromProvider = principalProvider.getPrincipal(p.getName());
assertNotSame(testPrinc, fromProvider);
assertFalse(fromProvider instanceof TestPrincipal);
}
}
Aggregations