Example 1 with AbstractAccessControlManager
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testTestSessionHasRepoPrivileges.
@Test
public void testTestSessionHasRepoPrivileges() throws Exception {
AbstractAccessControlManager testAcMgr = getTestAccessControlManager();
assertFalse(testAcMgr.hasPrivileges(null, testPrivileges));
assertFalse(testAcMgr.hasPrivileges(null, getPrincipals(getTestRoot().getContentSession()), testPrivileges));
}
Also used :
AbstractAccessControlManager(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 2 with AbstractAccessControlManager
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testHasRepoPrivilegesNoAccessToPrincipals.
@Test
public void testHasRepoPrivilegesNoAccessToPrincipals() throws Exception {
AbstractAccessControlManager testAcMgr = getTestAccessControlManager();
// the test-session doesn't have sufficient permissions to read privilege set for admin session.
try {
testAcMgr.getPrivileges(null, getPrincipals(adminSession));
fail("testSession doesn't have sufficient permission to read access control information");
} catch (AccessDeniedException e) {
// success
}
}
Also used :
AbstractAccessControlManager(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager)
AccessDeniedException(javax.jcr.AccessDeniedException)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 3 with AbstractAccessControlManager
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testHasPrivilegesNotAccessiblePath.
/**
* @since OAK 1.0 As of OAK AccessControlManager#hasPrivilege will throw
* PathNotFoundException in case the node associated with a given path is
* not readable to the editing session (compatibility with the specification
* which was missing in jackrabbit).
*/
@Test
public void testHasPrivilegesNotAccessiblePath() throws Exception {
List<String> notAccessible = new ArrayList();
notAccessible.add("/");
notAccessible.addAll(getAcContentPaths());
Privilege[] privs = privilegesFromNames(PrivilegeConstants.JCR_ALL);
AbstractAccessControlManager testAcMgr = getTestAccessControlManager();
for (String path : notAccessible) {
try {
testAcMgr.hasPrivileges(path, privs);
fail("AccessControlManager#hasPrivileges for node that is not accessible should fail.");
} catch (PathNotFoundException e) {
// success
}
}
for (String path : notAccessible) {
try {
testAcMgr.hasPrivileges(path, getPrincipals(root.getContentSession()), privs);
fail("AccessControlManager#hasPrivileges for node that is not accessible should fail.");
} catch (PathNotFoundException e) {
// success
}
}
for (String path : notAccessible) {
try {
testAcMgr.hasPrivileges(path, getPrincipals(getTestRoot().getContentSession()), privs);
fail("AccessControlManager#hasPrivileges for node that is not accessible should fail.");
} catch (PathNotFoundException e) {
// success
}
}
for (String path : notAccessible) {
try {
testAcMgr.hasPrivileges(path, ImmutableSet.<Principal>of(), privs);
fail("AccessControlManager#hasPrivileges for node that is not accessible should fail.");
} catch (PathNotFoundException e) {
// success
}
}
}
Also used :
AbstractAccessControlManager(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager)
ArrayList(java.util.ArrayList)
PathNotFoundException(javax.jcr.PathNotFoundException)
Privilege(javax.jcr.security.Privilege)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 4 with AbstractAccessControlManager
use of org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testHasRepoPrivilegesForEmptyPrincipalSet.
@Test(expected = AccessDeniedException.class)
public void testHasRepoPrivilegesForEmptyPrincipalSet() throws Exception {
AbstractAccessControlManager testAcMgr = getTestAccessControlManager();
// the test-session doesn't have sufficient permissions to read privilege set.
testAcMgr.getPrivileges(null, ImmutableSet.<Principal>of());
}
Also used :
AbstractAccessControlManager(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Aggregations
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)4
AbstractAccessControlManager (org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager)4
Test (org.junit.Test)4
ArrayList (java.util.ArrayList)1
AccessDeniedException (javax.jcr.AccessDeniedException)1
PathNotFoundException (javax.jcr.PathNotFoundException)1
Privilege (javax.jcr.security.Privilege)1
