Search in sources :

Example 1 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class InternalSecurityProviderTest method testSetAuthorizationConfiguration.

@Test
public void testSetAuthorizationConfiguration() {
    AuthorizationConfiguration ac = Mockito.mock(AuthorizationConfiguration.class);
    when(ac.getParameters()).thenReturn(PARAMS);
    securityProvider.setAuthorizationConfiguration(ac);
    assertSame(ac, securityProvider.getConfiguration(AuthorizationConfiguration.class));
    for (SecurityConfiguration sc : securityProvider.getConfigurations()) {
        if (sc instanceof AuthorizationConfiguration) {
            assertSame(ac, sc);
        }
    }
    assertEquals(PARAMS, securityProvider.getParameters(AuthorizationConfiguration.NAME));
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) SecurityConfiguration(org.apache.jackrabbit.oak.spi.security.SecurityConfiguration) Test(org.junit.Test)

Example 2 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class SecurityProviderRegistrationTest method testAuthorizationContext.

@Test
public void testAuthorizationContext() throws Exception {
    Tree t = root.getTree("/");
    Field f = registration.getClass().getDeclaredField("authorizationConfiguration");
    f.setAccessible(true);
    AuthorizationConfiguration ac = new AuthorizationConfigurationImpl();
    registration.bindAuthorizationConfiguration(ac, PROPS);
    CompositeAuthorizationConfiguration cac = (CompositeAuthorizationConfiguration) f.get(registration);
    Context ctx = cac.getContext();
    assertContext(ctx, 1, t, false);
    AuthorizationConfiguration ac1 = mockConfiguration(AuthorizationConfiguration.class);
    registration.bindAuthorizationConfiguration(ac1, PROPS);
    cac = (CompositeAuthorizationConfiguration) f.get(registration);
    ctx = cac.getContext();
    assertContext(ctx, 2, t, true);
    AuthorizationConfiguration ac2 = mockConfiguration(AuthorizationConfiguration.class);
    registration.bindAuthorizationConfiguration(ac2, PROPS);
    cac = (CompositeAuthorizationConfiguration) f.get(registration);
    ctx = cac.getContext();
    assertContext(ctx, 3, t, true);
    // unbind again:
    registration.unbindAuthorizationConfiguration(ac1, PROPS);
    cac = (CompositeAuthorizationConfiguration) f.get(registration);
    ctx = cac.getContext();
    assertContext(ctx, 2, t, true);
    registration.unbindAuthorizationConfiguration(ac, PROPS);
    cac = (CompositeAuthorizationConfiguration) f.get(registration);
    ctx = cac.getContext();
    assertContext(ctx, 1, t, true);
    registration.unbindAuthorizationConfiguration(ac2, PROPS);
    cac = (CompositeAuthorizationConfiguration) f.get(registration);
    ctx = cac.getContext();
    assertContext(ctx, 0, t, false);
}
Also used : OsgiContext(org.apache.sling.testing.mock.osgi.junit.OsgiContext) Context(org.apache.jackrabbit.oak.spi.security.Context) Field(java.lang.reflect.Field) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) AuthorizationConfigurationImpl(org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl) Tree(org.apache.jackrabbit.oak.api.Tree) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 3 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class SecurityProviderRegistrationTest method testAuthorizationRanking.

@Test
public void testAuthorizationRanking() throws Exception {
    Field f = registration.getClass().getDeclaredField("authorizationConfiguration");
    f.setAccessible(true);
    AuthorizationConfiguration testAc = mockConfiguration(AuthorizationConfiguration.class);
    registration.bindAuthorizationConfiguration(testAc, ConfigurationParameters.EMPTY);
    AuthorizationConfigurationImpl ac = new AuthorizationConfigurationImpl();
    ac.setParameters(ConfigurationParameters.of(CompositeConfiguration.PARAM_RANKING, 500));
    registration.bindAuthorizationConfiguration(ac, PROPS);
    AuthorizationConfiguration testAc2 = mockConfiguration(AuthorizationConfiguration.class);
    Map<String, Object> props = ImmutableMap.<String, Object>of(Constants.SERVICE_RANKING, new Integer(100));
    registration.bindAuthorizationConfiguration(testAc2, props);
    CompositeAuthorizationConfiguration cac = (CompositeAuthorizationConfiguration) f.get(registration);
    List<AuthorizationConfiguration> list = cac.getConfigurations();
    assertEquals(3, list.size());
    assertSame(ac, list.get(0));
    assertSame(testAc2, list.get(1));
    assertSame(testAc, list.get(2));
}
Also used : Field(java.lang.reflect.Field) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) AuthorizationConfigurationImpl(org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 4 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class AbstractCompositeProviderTest method createPermissionProvider.

CompositePermissionProvider createPermissionProvider(Set<Principal> principals) {
    String workspaceName = root.getContentSession().getWorkspaceName();
    AuthorizationConfiguration config = getConfig(AuthorizationConfiguration.class);
    return new CompositePermissionProvider(root, getAggregatedProviders(workspaceName, config, principals), config.getContext(), CompositionType.AND, getRootProvider());
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)

Example 5 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class CompositeAuthorizationConfigurationTest method getCompositeConfiguration.

private CompositeAuthorizationConfiguration getCompositeConfiguration(AuthorizationConfiguration... entries) {
    CompositeAuthorizationConfiguration compositeConfiguration = new CompositeAuthorizationConfiguration(getSecurityProvider());
    compositeConfiguration.setRootProvider(getRootProvider());
    compositeConfiguration.setTreeProvider(getTreeProvider());
    for (AuthorizationConfiguration ac : entries) {
        compositeConfiguration.addConfiguration(ac);
    }
    return compositeConfiguration;
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) OpenAuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.OpenAuthorizationConfiguration)

Aggregations

AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)24 Test (org.junit.Test)11 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)10 PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)8 CompositeAuthorizationConfiguration (org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration)6 SecurityProvider (org.apache.jackrabbit.oak.spi.security.SecurityProvider)6 EmptyPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider)6 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)5 Principal (java.security.Principal)3 Tree (org.apache.jackrabbit.oak.api.Tree)3 AuthorizationConfigurationImpl (org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl)3 Field (java.lang.reflect.Field)2 OpenAuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.OpenAuthorizationConfiguration)2 AggregatedPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)2 RestrictionProvider (org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider)2 ArrayList (java.util.ArrayList)1 Nonnull (javax.annotation.Nonnull)1 RepositoryException (javax.jcr.RepositoryException)1 AccessControlManager (javax.jcr.security.AccessControlManager)1 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)1