Search in sources :

Example 6 with TestPrincipal

use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.

the class DefaultPrincipalProviderTest method testPrincipalCache.

/**
     * Test if cache is properly updated.
     * 
     * @throws Exception
     */
public void testPrincipalCache() throws Exception {
    Principal testPrincipal = getTestPrincipal();
    String testName = testPrincipal.getName();
    assertNull(principalProvider.getPrincipal(testName));
    // create a user with the given principal name -> cache must be updated.
    Authorizable a = userMgr.createUser(testName, "pw");
    save(superuser);
    try {
        assertNotNull(principalProvider.getPrincipal(testName));
    } finally {
        a.remove();
        save(superuser);
    }
    // after removal -> entry must be removed from the cache.
    assertNull(principalProvider.getPrincipal(testName));
    // create a group with that name
    a = userMgr.createGroup(testPrincipal);
    save(superuser);
    try {
        Principal p = principalProvider.getPrincipal(testName);
        assertNotNull(p);
        assertTrue(p instanceof java.security.acl.Group);
    } finally {
        a.remove();
        save(superuser);
    }
    // recreate user again without filling cache with 'null' value
    a = userMgr.createUser(testName, "pw");
    save(superuser);
    try {
        Principal p = principalProvider.getPrincipal(testName);
        assertNotNull(p);
        assertFalse(p instanceof java.security.acl.Group);
    } finally {
        a.remove();
        save(superuser);
    }
}
Also used : Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal)

Example 7 with TestPrincipal

use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.

the class AbstractACLTemplateTest method testReorderInvalidElements.

public void testReorderInvalidElements() throws Exception {
    Privilege[] read = privilegesFromName(Privilege.JCR_READ);
    Privilege[] write = privilegesFromName(Privilege.JCR_WRITE);
    Principal p2 = getSecondPrincipal();
    AbstractACLTemplate acl = (AbstractACLTemplate) createEmptyTemplate(getTestPath());
    acl.addAccessControlEntry(testPrincipal, read);
    acl.addAccessControlEntry(p2, write);
    AbstractACLTemplate acl2 = (AbstractACLTemplate) createEmptyTemplate(getTestPath());
    acl2.addEntry(testPrincipal, write, false);
    AccessControlEntry invalid = acl2.getEntries().get(0);
    try {
        acl.orderBefore(invalid, acl.getEntries().get(0));
        fail("src entry not contained in list -> reorder should fail.");
    } catch (AccessControlException e) {
    // success
    }
    try {
        acl.orderBefore(acl.getEntries().get(0), invalid);
        fail("dest entry not contained in list -> reorder should fail.");
    } catch (AccessControlException e) {
    // success
    }
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) AccessControlException(javax.jcr.security.AccessControlException) Privilege(javax.jcr.security.Privilege) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal)

Example 8 with TestPrincipal

use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.

the class AbstractACLTemplateTest method testReorder.

public void testReorder() throws Exception {
    Privilege[] read = privilegesFromName(Privilege.JCR_READ);
    Privilege[] write = privilegesFromName(Privilege.JCR_WRITE);
    Principal p2 = getSecondPrincipal();
    AbstractACLTemplate acl = (AbstractACLTemplate) createEmptyTemplate(getTestPath());
    acl.addAccessControlEntry(testPrincipal, read);
    acl.addEntry(testPrincipal, write, false);
    acl.addAccessControlEntry(p2, write);
    AccessControlEntry[] entries = acl.getAccessControlEntries();
    assertEquals(3, entries.length);
    AccessControlEntry aReadTP = entries[0];
    AccessControlEntry dWriteTP = entries[1];
    AccessControlEntry aWriteP2 = entries[2];
    // reorder aWriteP2 to the first position
    acl.orderBefore(aWriteP2, aReadTP);
    assertEquals(0, acl.getEntries().indexOf(aWriteP2));
    assertEquals(1, acl.getEntries().indexOf(aReadTP));
    assertEquals(2, acl.getEntries().indexOf(dWriteTP));
    // reorder aReadTP to the end of the list
    acl.orderBefore(aReadTP, null);
    assertEquals(0, acl.getEntries().indexOf(aWriteP2));
    assertEquals(1, acl.getEntries().indexOf(dWriteTP));
    assertEquals(2, acl.getEntries().indexOf(aReadTP));
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) AccessControlEntry(javax.jcr.security.AccessControlEntry) Privilege(javax.jcr.security.Privilege) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal)

Example 9 with TestPrincipal

use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.

the class AbstractACLTemplateTest method testRemoveInvalidEntry.

public void testRemoveInvalidEntry() throws RepositoryException {
    JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
    try {
        pt.removeAccessControlEntry(new JackrabbitAccessControlEntry() {

            public boolean isAllow() {
                return false;
            }

            public String[] getRestrictionNames() {
                return new String[0];
            }

            public Value getRestriction(String restrictionName) {
                return null;
            }

            public Value[] getRestrictions(String restrictionName) throws RepositoryException {
                return null;
            }

            public Principal getPrincipal() {
                return testPrincipal;
            }

            public Privilege[] getPrivileges() {
                try {
                    return privilegesFromName(Privilege.JCR_READ);
                } catch (Exception e) {
                    return new Privilege[0];
                }
            }
        });
        fail("Passing an unknown ACE should fail");
    } catch (AccessControlException e) {
    // success
    }
}
Also used : JackrabbitAccessControlEntry(org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry) Value(javax.jcr.Value) AccessControlException(javax.jcr.security.AccessControlException) RepositoryException(javax.jcr.RepositoryException) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal) AccessControlException(javax.jcr.security.AccessControlException) RepositoryException(javax.jcr.RepositoryException) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)

Example 10 with TestPrincipal

use of org.apache.jackrabbit.core.security.TestPrincipal in project jackrabbit by apache.

the class UserManagerImplTest method testCreatingGroupWithPrincipalMatchingExistingUserId.

public void testCreatingGroupWithPrincipalMatchingExistingUserId() throws RepositoryException, NotExecutableException {
    Principal p = getTestPrincipal();
    String uid = getTestUserId(p);
    User u = null;
    Group gr = null;
    try {
        u = userMgr.createUser(uid, buildPassword(uid), p, null);
        save(superuser);
        gr = userMgr.createGroup(new TestPrincipal(uid));
        save(superuser);
        String msg = "Creating a Group with a principal-name that exists as UserID -> must create new GroupID but keep PrincipalName.";
        assertFalse(msg, gr.getID().equals(gr.getPrincipal().getName()));
        assertFalse(msg, gr.getID().equals(uid));
        assertFalse(msg, gr.getID().equals(u.getID()));
        assertEquals(msg, uid, gr.getPrincipal().getName());
    } finally {
        if (u != null) {
            u.remove();
            save(superuser);
        }
        if (gr != null) {
            gr.remove();
            save(superuser);
        }
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) User(org.apache.jackrabbit.api.security.user.User) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) TestPrincipal(org.apache.jackrabbit.core.security.TestPrincipal) Principal(java.security.Principal)

Aggregations

TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)18 Principal (java.security.Principal)16 EveryonePrincipal (org.apache.jackrabbit.core.security.principal.EveryonePrincipal)7 Privilege (javax.jcr.security.Privilege)6 UserManager (org.apache.jackrabbit.api.security.user.UserManager)6 AccessControlException (javax.jcr.security.AccessControlException)5 JackrabbitAccessControlEntry (org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry)5 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)5 Group (org.apache.jackrabbit.api.security.user.Group)5 AccessControlEntry (javax.jcr.security.AccessControlEntry)4 Node (javax.jcr.Node)3 RepositoryException (javax.jcr.RepositoryException)3 AccessControlManager (javax.jcr.security.AccessControlManager)3 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)3 Value (javax.jcr.Value)2 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)2 User (org.apache.jackrabbit.api.security.user.User)2 HashMap (java.util.HashMap)1 InvalidItemStateException (javax.jcr.InvalidItemStateException)1 Session (javax.jcr.Session)1