use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class AbstractCompositeProviderTest method testTreePermissionIsNotGranted.
@Test
public void testTreePermissionIsNotGranted() throws Exception {
PermissionProvider pp = createPermissionProvider();
TreePermission parentPermission = TreePermission.EMPTY;
PropertyState ps = PropertyStates.createProperty("propName", "val");
for (String path : TP_PATHS) {
Tree t = readOnlyRoot.getTree(path);
TreePermission tp = pp.getTreePermission(t, parentPermission);
assertFalse(tp.isGranted(Permissions.NO_PERMISSION));
assertFalse(tp.isGranted(Permissions.MODIFY_ACCESS_CONTROL));
assertFalse(tp.isGranted(Permissions.NO_PERMISSION, ps));
assertFalse(tp.isGranted(Permissions.MODIFY_ACCESS_CONTROL, ps));
parentPermission = tp;
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class CompositeAuthorizationConfigurationTest method testMultipleGetPermissionProvider3.
@Test
public void testMultipleGetPermissionProvider3() {
CompositeAuthorizationConfiguration cc = getCompositeConfiguration(new OpenAuthorizationConfiguration(), new OpenAuthorizationConfiguration());
PermissionProvider pp = cc.getPermissionProvider(root, root.getContentSession().getWorkspaceName(), Collections.<Principal>emptySet());
assertFalse(pp instanceof CompositePermissionProvider);
assertSame(EmptyPermissionProvider.getInstance(), pp);
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class AbstractCompositeProviderTest method testTreePermissionCanReadProperties.
@Test
public void testTreePermissionCanReadProperties() throws Exception {
PermissionProvider pp = createPermissionProvider();
TreePermission parentPermission = TreePermission.EMPTY;
for (String path : TP_PATHS) {
TreePermission tp = pp.getTreePermission(readOnlyRoot.getTree(path), parentPermission);
assertFalse(tp.canReadProperties());
parentPermission = tp;
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class PermissionTest method testHasPermission.
@Test
public void testHasPermission() throws Exception {
// create permissions
// allow rep:write /testroot
// allow jcr:removeNode /testroot/a/b
// deny jcr:removeNode /testroot/a/b/c
addEntry(TEST_ROOT_PATH, true, "", PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_WRITE);
addEntry(TEST_B_PATH, true, "", PrivilegeConstants.JCR_REMOVE_NODE);
addEntry(TEST_C_PATH, false, "", PrivilegeConstants.JCR_REMOVE_NODE);
ContentSession testSession = createTestSession();
try {
Root testRoot = testSession.getLatestRoot();
PermissionProvider pp = getPermissionProvider(testSession);
assertIsGranted(pp, testRoot, true, TEST_A_PATH, Permissions.REMOVE_NODE);
assertIsGranted(pp, testRoot, true, TEST_B_PATH, Permissions.REMOVE_NODE);
assertIsGranted(pp, testRoot, false, TEST_C_PATH, Permissions.REMOVE_NODE);
try {
testRoot.getTree(TEST_C_PATH).remove();
testRoot.commit();
fail("removing node on /a/b/c should fail");
} catch (CommitFailedException e) {
// all ok
}
} finally {
testSession.close();
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class RepoPolicyTreePermissionTest method getTreePermission.
@Nonnull
private TreePermission getTreePermission(@Nonnull ContentSession cs, @Nonnull String path) throws Exception {
Root r = cs.getLatestRoot();
PermissionProvider pp = config.getPermissionProvider(r, cs.getWorkspaceName(), cs.getAuthInfo().getPrincipals());
Tree t = r.getTree(PathUtils.ROOT_PATH);
TreePermission tp = pp.getTreePermission(t, TreePermission.EMPTY);
for (String name : PathUtils.elements(path)) {
t = t.getChild(name);
tp = pp.getTreePermission(t, tp);
}
return tp;
}
Aggregations