use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class PermissionProviderImplTest method testIsGrantedForReadPaths.
@Test
public void testIsGrantedForReadPaths() throws Exception {
ContentSession testSession = createTestSession();
try {
PermissionProvider pp = createPermissionProvider(testSession);
for (String path : READ_PATHS) {
assertTrue(pp.isGranted(path, Permissions.getString(Permissions.READ)));
assertTrue(pp.isGranted(path, Permissions.getString(Permissions.READ_NODE)));
assertTrue(pp.isGranted(path + '/' + JcrConstants.JCR_PRIMARYTYPE, Permissions.getString(Permissions.READ_PROPERTY)));
assertFalse(pp.isGranted(path, Permissions.getString(Permissions.READ_ACCESS_CONTROL)));
}
for (String path : READ_PATHS) {
Tree tree = root.getTree(path);
assertTrue(pp.isGranted(tree, null, Permissions.READ));
assertTrue(pp.isGranted(tree, null, Permissions.READ_NODE));
assertTrue(pp.isGranted(tree, tree.getProperty(JcrConstants.JCR_PRIMARYTYPE), Permissions.READ_PROPERTY));
assertFalse(pp.isGranted(tree, null, Permissions.READ_ACCESS_CONTROL));
}
RepositoryPermission rp = pp.getRepositoryPermission();
assertFalse(rp.isGranted(Permissions.READ));
assertFalse(rp.isGranted(Permissions.READ_NODE));
assertFalse(rp.isGranted(Permissions.READ_PROPERTY));
assertFalse(rp.isGranted(Permissions.READ_ACCESS_CONTROL));
} finally {
testSession.close();
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class PermissionProviderImplTest method testHasPrivileges.
@Test
public void testHasPrivileges() throws Exception {
ContentSession testSession = createTestSession();
try {
PermissionProvider pp = createPermissionProvider(testSession);
assertTrue(pp.hasPrivileges(null));
assertTrue(pp.hasPrivileges(null, new String[0]));
assertFalse(pp.hasPrivileges(null, PrivilegeConstants.JCR_WORKSPACE_MANAGEMENT));
} finally {
testSession.close();
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class PermissionProviderImplTest method testHasPrivilegesForReadPaths.
@Test
public void testHasPrivilegesForReadPaths() throws Exception {
ContentSession testSession = createTestSession();
try {
PermissionProvider pp = createPermissionProvider(testSession);
for (String path : READ_PATHS) {
Tree tree = root.getTree(path);
assertTrue(pp.hasPrivileges(tree, PrivilegeConstants.JCR_READ));
assertTrue(pp.hasPrivileges(tree, PrivilegeConstants.REP_READ_NODES));
assertTrue(pp.hasPrivileges(tree, PrivilegeConstants.REP_READ_PROPERTIES));
assertFalse(pp.hasPrivileges(tree, PrivilegeConstants.JCR_READ_ACCESS_CONTROL));
}
assertFalse(pp.hasPrivileges(null, PrivilegeConstants.JCR_READ));
} finally {
testSession.close();
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class HiddenTest method testCombinedSetup.
@Test
public void testCombinedSetup() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
try {
AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ));
acMgr.setPolicy("/", acl);
root.commit();
PermissionProvider combined = getConfig(AuthorizationConfiguration.class).getPermissionProvider(readOnlyRoot, root.getContentSession().getWorkspaceName(), ImmutableSet.<Principal>of(EveryonePrincipal.getInstance()));
assertFalse(combined.hasPrivileges(hiddenTree, PrivilegeConstants.JCR_READ));
assertTrue(combined.getPrivileges(hiddenTree).isEmpty());
assertTrue(combined.isGranted(hiddenTree, null, Permissions.ALL));
assertTrue(combined.isGranted(hiddenTree.getPath(), Permissions.getString(Permissions.ALL)));
Tree t = readOnlyRoot.getTree("/");
TreePermission tp = combined.getTreePermission(t, TreePermission.EMPTY);
for (String name : PathUtils.elements(hiddenTree.getPath())) {
t = t.getChild(name);
tp = combined.getTreePermission(t, tp);
}
assertTrue(tp.isGranted(Permissions.ALL));
} finally {
AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ));
acMgr.removePolicy("/", acl);
root.commit();
}
}
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider in project jackrabbit-oak by apache.
the class AbstractCompositeProviderTest method testIsGrantedNone.
@Test
public void testIsGrantedNone() throws Exception {
PermissionProvider pp = createPermissionProvider();
for (String p : NODE_PATHS) {
Tree tree = readOnlyRoot.getTree(p);
PropertyState ps = tree.getProperty(JcrConstants.JCR_PRIMARYTYPE);
assertFalse(p, pp.isGranted(tree, null, Permissions.NO_PERMISSION));
assertFalse(PathUtils.concat(p, JcrConstants.JCR_PRIMARYTYPE), pp.isGranted(tree, ps, Permissions.NO_PERMISSION));
}
}
Aggregations