Search in sources :

Example 46 with ContentSession

use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.

the class AbstractRemoveMembersByIdTest method removeExistingMemberWithoutAccess.

Set<String> removeExistingMemberWithoutAccess() throws Exception {
    AccessControlManager acMgr = getAccessControlManager(root);
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testGroup.getPath());
    if (acl != null) {
        if (acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_USER_MANAGEMENT), true)) {
            acMgr.setPolicy(testGroup.getPath(), acl);
            root.commit();
        }
    }
    String userId = getTestUser().getID();
    ContentSession testSession = null;
    try {
        testSession = login(new SimpleCredentials(userId, userId.toCharArray()));
        Root testRoot = testSession.getLatestRoot();
        assertFalse(testRoot.getTree(memberGroup.getPath()).exists());
        Group gr = getUserManager(testRoot).getAuthorizable(testGroup.getID(), Group.class);
        Set<String> failed = gr.removeMembers(memberGroup.getID());
        testRoot.commit();
        return failed;
    } finally {
        if (testSession != null) {
            testSession.close();
        }
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) SimpleCredentials(javax.jcr.SimpleCredentials) Group(org.apache.jackrabbit.api.security.user.Group) Root(org.apache.jackrabbit.oak.api.Root) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)

Example 47 with ContentSession

use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.

the class SystemUserImplTest method testImpersonateDisabledSystemUser.

@Test
public void testImpersonateDisabledSystemUser() throws Exception {
    User user = createUser(null);
    user.disable("disabled");
    root.commit();
    try {
        ContentSession cs = login(new ImpersonationCredentials(new SimpleCredentials(uid, new char[0]), adminSession.getAuthInfo()));
        cs.close();
        fail();
    } catch (LoginException e) {
    // success
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) LoginException(javax.security.auth.login.LoginException) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 48 with ContentSession

use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.

the class SystemUserImplTest method testImpersonateSystemUser.

@Test
public void testImpersonateSystemUser() throws Exception {
    createUser(null);
    ContentSession cs = login(new ImpersonationCredentials(new SimpleCredentials(uid, new char[0]), adminSession.getAuthInfo()));
    cs.close();
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 49 with ContentSession

use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.

the class L6_AdministratativeAccessTest method testAdministrativeConfiguration.

@Test
public void testAdministrativeConfiguration() throws Exception {
    // EXERCISE once you have defined the right permission-eval configuration options
    // EXERCISE the test principal should be treated as 'administrative' principal and the test should pass.
    ContentSession testSession = createTestSession();
    try {
        Root testRoot = testSession.getLatestRoot();
        Tree rootTree = testRoot.getTree("/");
        // EXERCISE walk through the add + remove
        NodeUtil child = new NodeUtil(rootTree).addChild("test", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
        child.setString("prop", "val");
        testRoot.commit();
        child.getTree().remove();
        testRoot.commit();
    } finally {
        testSession.close();
    }
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 50 with ContentSession

use of org.apache.jackrabbit.oak.api.ContentSession in project jackrabbit-oak by apache.

the class ContentRemoteRepository method login.

@Override
public RemoteSession login(RemoteCredentials remoteCredentials) throws RemoteLoginException {
    ContentRemoteCredentials contentRemoteCredentials = null;
    if (remoteCredentials instanceof ContentRemoteCredentials) {
        contentRemoteCredentials = (ContentRemoteCredentials) remoteCredentials;
    }
    if (contentRemoteCredentials == null) {
        throw new IllegalArgumentException("invalid credentials");
    }
    Thread thread = Thread.currentThread();
    ClassLoader loader = thread.getContextClassLoader();
    thread.setContextClassLoader(Oak.class.getClassLoader());
    ContentSession session;
    try {
        session = contentRemoteCredentials.login(contentRepository);
    } finally {
        thread.setContextClassLoader(loader);
    }
    return new ContentRemoteSession(session, contentRemoteRevisions, contentRemoteBinaries);
}
Also used : Oak(org.apache.jackrabbit.oak.Oak) ContentSession(org.apache.jackrabbit.oak.api.ContentSession)

Aggregations

ContentSession (org.apache.jackrabbit.oak.api.ContentSession)146 Test (org.junit.Test)132 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)66 SimpleCredentials (javax.jcr.SimpleCredentials)60 Root (org.apache.jackrabbit.oak.api.Root)43 LoginException (javax.security.auth.login.LoginException)35 AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)26 Tree (org.apache.jackrabbit.oak.api.Tree)25 UserManager (org.apache.jackrabbit.api.security.user.UserManager)19 User (org.apache.jackrabbit.api.security.user.User)17 PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)15 GuestCredentials (javax.jcr.GuestCredentials)13 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)12 Principal (java.security.Principal)10 TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)10 CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)9 Group (org.apache.jackrabbit.api.security.user.Group)8 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)8 ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)7 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)6