Example 76 with TreePermission
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.
the class CompositeProviderScopeTest method testTreePermissionIsGrantedProperty.
@Test
public void testTreePermissionIsGrantedProperty() throws Exception {
TreePermission parentPermission = TreePermission.EMPTY;
for (String path : TP_PATHS) {
TreePermission tp = cppTestUser.getTreePermission(readOnlyRoot.getTree(path), parentPermission);
Long toTest = (defPermissions.containsKey(path)) ? defPermissions.get(path) : defPermissions.get(PathUtils.getAncestorPath(path, 1));
if (toTest != null) {
if (testProvider.isSupported(path)) {
assertTrue(tp.isGranted(Permissions.diff(toTest, Permissions.ADD_NODE | Permissions.ADD_PROPERTY), PROPERTY_STATE));
assertFalse(tp.isGranted(Permissions.ADD_PROPERTY, PROPERTY_STATE));
} else {
assertTrue(tp.isGranted(toTest, PROPERTY_STATE));
}
}
parentPermission = tp;
}
}
Also used :
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
Test(org.junit.Test)
Example 77 with TreePermission
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.
the class CompositeProviderScopeTest method testTreePermissionCanReadProperty.
@Test
public void testTreePermissionCanReadProperty() throws Exception {
Map<String, Boolean> readMap = ImmutableMap.<String, Boolean>builder().put(ROOT_PATH, false).put(TEST_PATH, true).put(TEST_A_PATH, true).put(TEST_A_B_PATH, true).put(TEST_A_B_C_PATH, true).put(TEST_A_B_C_PATH + "/nonexisting", true).build();
TreePermission parentPermission = TreePermission.EMPTY;
for (String nodePath : readMap.keySet()) {
Tree tree = readOnlyRoot.getTree(nodePath);
TreePermission tp = cppTestUser.getTreePermission(tree, parentPermission);
assertEquals(nodePath, readMap.get(nodePath), tp.canRead(PROPERTY_STATE));
parentPermission = tp;
}
}
Also used :
Tree(org.apache.jackrabbit.oak.api.Tree)
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
Test(org.junit.Test)
Example 78 with TreePermission
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.
the class CompositeProviderScopeTest method testTreePermissionCanReadAllAdmin.
@Test
public void testTreePermissionCanReadAllAdmin() {
TreePermission parentPermission = TreePermission.EMPTY;
for (String nodePath : TP_PATHS) {
Tree tree = readOnlyRoot.getTree(nodePath);
TreePermission tp = cppAdminUser.getTreePermission(tree, parentPermission);
assertFalse(nodePath, tp.canReadAll());
assertTrue(nodePath, tp.canReadProperties());
parentPermission = tp;
}
parentPermission = TreePermission.EMPTY;
for (String nodePath : PATH_OUTSIDE_SCOPE) {
Tree tree = readOnlyRoot.getTree(nodePath);
TreePermission tp = cppAdminUser.getTreePermission(tree, parentPermission);
assertFalse(nodePath, tp.canReadAll());
assertTrue(nodePath, tp.canReadProperties());
parentPermission = tp;
}
}
Also used :
Tree(org.apache.jackrabbit.oak.api.Tree)
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
Test(org.junit.Test)
Example 79 with TreePermission
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.
the class CompositeTreePermissionTest method testMultipleNoRecurse.
@Test
public void testMultipleNoRecurse() {
TreePermission rootTp = createRootTreePermission(new NoScopeProvider(root), new NoScopeProvider(root));
assertCompositeTreePermission(true, rootTp);
assertSame(TreePermission.EMPTY, rootTp.getChildPermission("test", rootTree.getChild("test").getNodeState()));
}
Also used :
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 80 with TreePermission
use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.
the class CompositeTreePermissionTest method testMultiple.
@Test
public void testMultiple() {
TreePermission rootTp = createRootTreePermission(fullScopeProvider, fullScopeProvider);
assertCompositeTreePermission(true, rootTp);
TreePermission testTp = rootTp.getChildPermission("test", rootTree.getChild("test").getNodeState());
assertCompositeTreePermission(true, testTp);
}
Also used :
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Aggregations
TreePermission (org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)109
Test (org.junit.Test)94
Tree (org.apache.jackrabbit.oak.api.Tree)53
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)41
ImmutableTree (org.apache.jackrabbit.oak.plugins.tree.impl.ImmutableTree)22
PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)11
NodeState (org.apache.jackrabbit.oak.spi.state.NodeState)10
AggregatedPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)8
PropertyState (org.apache.jackrabbit.oak.api.PropertyState)6
Nonnull (javax.annotation.Nonnull)4
AccessControlManager (javax.jcr.security.AccessControlManager)4
Root (org.apache.jackrabbit.oak.api.Root)4
JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)3
TreeType (org.apache.jackrabbit.oak.plugins.tree.TreeType)3
NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)3
Field (java.lang.reflect.Field)2
AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)2
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
CheckForNull (javax.annotation.CheckForNull)1
