Search in sources :

Example 6 with CugPolicy

use of org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy in project jackrabbit-oak by apache.

the class CugPolicyImplTest method testRemovePrincipals.

@Test
public void testRemovePrincipals() throws Exception {
    CugPolicy cug = new CugPolicyImpl(path, NamePathMapper.DEFAULT, principalManager, ImportBehavior.BESTEFFORT, ImmutableSet.of(testPrincipal, EveryonePrincipal.getInstance()));
    assertFalse(cug.removePrincipals(new PrincipalImpl("unknown")));
    assertTrue(cug.removePrincipals(testPrincipal, EveryonePrincipal.getInstance(), new PrincipalImpl("unknown")));
    assertTrue(cug.getPrincipals().isEmpty());
}
Also used : CugPolicy(org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 7 with CugPolicy

use of org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy in project jackrabbit-oak by apache.

the class CugPolicyImplTest method testAddEmptyPrincipalName.

@Test(expected = AccessControlException.class)
public void testAddEmptyPrincipalName() throws Exception {
    CugPolicy cug = new CugPolicyImpl(path, NamePathMapper.DEFAULT, principalManager, ImportBehavior.BESTEFFORT);
    cug.addPrincipals(new PrincipalImpl(""));
}
Also used : CugPolicy(org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 8 with CugPolicy

use of org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy in project jackrabbit-oak by apache.

the class CugPolicyImplTest method testGetPathWithRemapping.

@Test
public void testGetPathWithRemapping() {
    String oakPath = "/oak:testPath";
    NamePathMapper mapper = new NamePathMapperImpl(new LocalNameMapper(root, ImmutableMap.of("quercus", "http://jackrabbit.apache.org/oak/ns/1.0")));
    CugPolicy empty = new CugPolicyImpl(oakPath, mapper, principalManager, ImportBehavior.ABORT);
    assertEquals("/quercus:testPath", empty.getPath());
}
Also used : CugPolicy(org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy) NamePathMapper(org.apache.jackrabbit.oak.namepath.NamePathMapper) NamePathMapperImpl(org.apache.jackrabbit.oak.namepath.NamePathMapperImpl) LocalNameMapper(org.apache.jackrabbit.oak.namepath.LocalNameMapper) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 9 with CugPolicy

use of org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy in project jackrabbit-oak by apache.

the class CugPolicyImplTest method testAddInvalidPrincipalsAbort.

@Test(expected = AccessControlException.class)
public void testAddInvalidPrincipalsAbort() throws Exception {
    CugPolicy cug = new CugPolicyImpl(path, NamePathMapper.DEFAULT, principalManager, ImportBehavior.ABORT);
    cug.addPrincipals(EveryonePrincipal.getInstance(), new PrincipalImpl("unknown"));
}
Also used : CugPolicy(org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 10 with CugPolicy

use of org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy in project jackrabbit-oak by apache.

the class CugAccessControlManagerTest method testRemovePolicyRemovesMixin.

@Test
public void testRemovePolicyRemovesMixin() throws Exception {
    ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(root, NamePathMapper.DEFAULT);
    CugPolicy cug = getApplicableCug(SUPPORTED_PATH);
    cugAccessControlManager.setPolicy(SUPPORTED_PATH, cug);
    root.commit();
    assertTrue(ntMgr.isNodeType(root.getTree(SUPPORTED_PATH), MIX_REP_CUG_MIXIN));
    cugAccessControlManager.removePolicy(SUPPORTED_PATH, cugAccessControlManager.getPolicies(SUPPORTED_PATH)[0]);
    root.commit();
    assertFalse(ntMgr.isNodeType(root.getTree(SUPPORTED_PATH), MIX_REP_CUG_MIXIN));
}
Also used : CugPolicy(org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy) ReadOnlyNodeTypeManager(org.apache.jackrabbit.oak.plugins.nodetype.ReadOnlyNodeTypeManager) Test(org.junit.Test)

Aggregations

CugPolicy (org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy)20 Test (org.junit.Test)18 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)12 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)6 Principal (java.security.Principal)4 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)4 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)4 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)3 NamedAccessControlPolicy (javax.jcr.security.NamedAccessControlPolicy)2 Tree (org.apache.jackrabbit.oak.api.Tree)2 ArrayList (java.util.ArrayList)1 AccessControlManager (javax.jcr.security.AccessControlManager)1 AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)1 PropertyState (org.apache.jackrabbit.oak.api.PropertyState)1 Root (org.apache.jackrabbit.oak.api.Root)1 LocalNameMapper (org.apache.jackrabbit.oak.namepath.LocalNameMapper)1 NamePathMapper (org.apache.jackrabbit.oak.namepath.NamePathMapper)1 NamePathMapperImpl (org.apache.jackrabbit.oak.namepath.NamePathMapperImpl)1 ReadOnlyNodeTypeManager (org.apache.jackrabbit.oak.plugins.nodetype.ReadOnlyNodeTypeManager)1 NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)1