Example 6 with CompiledPermissions
use of org.apache.jackrabbit.core.security.authorization.CompiledPermissions in project jackrabbit by apache.
the class DefaultAccessManager method hasPrivileges.
/**
* @see org.apache.jackrabbit.api.security.JackrabbitAccessControlManager#hasPrivileges(String, Set, Privilege[])
*/
public boolean hasPrivileges(String absPath, Set<Principal> principals, Privilege[] privileges) throws PathNotFoundException, RepositoryException {
checkInitialized();
checkValidNodePath(absPath);
checkPermission(absPath, Permission.READ_AC);
if (privileges == null || privileges.length == 0) {
// null or empty privilege array -> return true
log.debug("No privileges passed -> allowed.");
return true;
} else {
Path p = getPath(absPath);
CompiledPermissions perms = acProvider.compilePermissions(principals);
try {
return perms.hasPrivileges(p, privileges);
} finally {
perms.close();
}
}
}
Also used :
Path(org.apache.jackrabbit.spi.Path)
CompiledPermissions(org.apache.jackrabbit.core.security.authorization.CompiledPermissions)
Example 7 with CompiledPermissions
use of org.apache.jackrabbit.core.security.authorization.CompiledPermissions in project jackrabbit by apache.
the class UserAccessControlProviderTest method testNodeRemovedForPrincipal.
public void testNodeRemovedForPrincipal() throws RepositoryException, NotExecutableException {
Principal testPrincipal = getTestPrincipal();
final User u = getUserManager(superuser).createUser(testPrincipal.getName(), "pw");
save(superuser);
Path rootPath = ((SessionImpl) s).getQPath("/");
CompiledPermissions cp = null;
try {
Set<Principal> principals = Collections.singleton(u.getPrincipal());
cp = provider.compilePermissions(principals);
assertTrue(cp.canReadAll());
assertTrue(cp.grants(rootPath, Permission.READ));
assertNotSame(CompiledPermissions.NO_PERMISSION, cp);
} finally {
// remove the user to assert that the path doesn't point to an
// existing node any more -> userNode cannot be resolved any more -> permissions denied.
u.remove();
save(superuser);
if (cp != null) {
assertFalse(cp.canReadAll());
assertFalse(cp.grants(rootPath, Permission.READ));
assertTrue(cp.getPrivilegeSet(rootPath).isEmpty());
}
}
}
Also used :
Path(org.apache.jackrabbit.spi.Path)
User(org.apache.jackrabbit.api.security.user.User)
SessionImpl(org.apache.jackrabbit.core.SessionImpl)
CompiledPermissions(org.apache.jackrabbit.core.security.authorization.CompiledPermissions)
Principal(java.security.Principal)
ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)
Aggregations
CompiledPermissions (org.apache.jackrabbit.core.security.authorization.CompiledPermissions)7
Principal (java.security.Principal)5
ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)5
Path (org.apache.jackrabbit.spi.Path)3
HashMap (java.util.HashMap)2
NodeImpl (org.apache.jackrabbit.core.NodeImpl)2
SessionImpl (org.apache.jackrabbit.core.SessionImpl)2
AccessControlProvider (org.apache.jackrabbit.core.security.authorization.AccessControlProvider)2
ArrayList (java.util.ArrayList)1
HashSet (java.util.HashSet)1
Set (java.util.Set)1
Privilege (javax.jcr.security.Privilege)1
User (org.apache.jackrabbit.api.security.user.User)1
