Examples with TreePermission org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission used on opensource projects

Search in sources :

Example 36 with TreePermission

use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.

the class EmptyCugTreePermissionTest method testJcrSystemPermissions.

@Test
public void testJcrSystemPermissions() throws Exception {
    NodeState system = rootState.getChildNode(JcrConstants.JCR_SYSTEM);
    TreePermission systemTp = tp.getChildPermission(JcrConstants.JCR_SYSTEM, system);
    assertCugPermission(systemTp, false);
    assertCugPermission(pp.getTreePermission(root.getTree("/jcr:system"), tp), false);
    NodeState versionStore = system.getChildNode(VersionConstants.JCR_VERSIONSTORAGE);
    TreePermission versionStoreTp = systemTp.getChildPermission(VersionConstants.JCR_VERSIONSTORAGE, versionStore);
    assertCugPermission(versionStoreTp, false);
    assertCugPermission(pp.getTreePermission(root.getTree(VersionConstants.VERSION_STORE_PATH), systemTp), false);
    NodeState nodeTypes = system.getChildNode(NodeTypeConstants.JCR_NODE_TYPES);
    TreePermission nodeTypesTp = systemTp.getChildPermission(NodeTypeConstants.JCR_NODE_TYPES, nodeTypes);
    assertSame(TreePermission.NO_RECOURSE, nodeTypesTp);
}
Also used : NodeState(org.apache.jackrabbit.oak.spi.state.NodeState) TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Test(org.junit.Test)

Example 37 with TreePermission

use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.

the class HiddenTest method testCombinedSetup.

@Test
public void testCombinedSetup() throws Exception {
    AccessControlManager acMgr = getAccessControlManager(root);
    try {
        AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
        acl.addAccessControlEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ));
        acMgr.setPolicy("/", acl);
        root.commit();
        PermissionProvider combined = getConfig(AuthorizationConfiguration.class).getPermissionProvider(readOnlyRoot, root.getContentSession().getWorkspaceName(), ImmutableSet.<Principal>of(EveryonePrincipal.getInstance()));
        assertFalse(combined.hasPrivileges(hiddenTree, PrivilegeConstants.JCR_READ));
        assertTrue(combined.getPrivileges(hiddenTree).isEmpty());
        assertTrue(combined.isGranted(hiddenTree, null, Permissions.ALL));
        assertTrue(combined.isGranted(hiddenTree.getPath(), Permissions.getString(Permissions.ALL)));
        Tree t = readOnlyRoot.getTree("/");
        TreePermission tp = combined.getTreePermission(t, TreePermission.EMPTY);
        for (String name : PathUtils.elements(hiddenTree.getPath())) {
            t = t.getChild(name);
            tp = combined.getTreePermission(t, tp);
        }
        assertTrue(tp.isGranted(Permissions.ALL));
    } finally {
        AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
        acl.addAccessControlEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ));
        acMgr.removePolicy("/", acl);
        root.commit();
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider) Tree(org.apache.jackrabbit.oak.api.Tree) TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Test(org.junit.Test)

Example 38 with TreePermission

use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.

the class HiddenTest method testTreePermission.

@Test
public void testTreePermission() {
    Tree t = readOnlyRoot.getTree("/");
    TreePermission tp = pp.getTreePermission(t, TreePermission.EMPTY);
    for (String name : PathUtils.elements(hiddenTree.getPath())) {
        assertCugPermission(tp, true);
        t = t.getChild(name);
        tp = pp.getTreePermission(t, tp);
    }
    assertSame(TreePermission.NO_RECOURSE, tp);
    assertEquals(Permissions.NO_PERMISSION, pp.supportedPermissions(tp, null, Permissions.READ));
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Test(org.junit.Test)

Example 39 with TreePermission

use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.

the class VersionTest method testTreePermissionAtVersionableAboveSupported.

@Test
public void testTreePermissionAtVersionableAboveSupported() throws Exception {
    Tree vh = checkNotNull(versionManager.getVersionHistory(root.getTree(SUPPORTED_PATH)));
    CugPermissionProvider pp = createCugPermissionProvider(ImmutableSet.of(SUPPORTED_PATH + "/a"));
    TreePermission tp = getTreePermission(root, vh.getPath(), pp);
    assertTrue(tp instanceof EmptyCugTreePermission);
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Test(org.junit.Test)

Example 40 with TreePermission

use of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission in project jackrabbit-oak by apache.

the class VersionTest method testVersionableWithCugParent.

@Test
public void testVersionableWithCugParent() throws Exception {
    addVersionContent("/content/aa/bb/cc");
    Tree cc = root.getTree("/content/aa/bb/cc");
    assertFalse(CugUtil.hasCug(cc));
    Tree vh = checkNotNull(versionManager.getVersionHistory(cc));
    Tree t = root.getTree("/");
    CugPermissionProvider pp = createCugPermissionProvider(ImmutableSet.of(SUPPORTED_PATH, SUPPORTED_PATH2), getTestGroupPrincipal());
    TreePermission tp = getTreePermission(root, vh.getPath(), pp);
    assertTrue(tp instanceof CugTreePermission);
    assertTrue(((CugTreePermission) tp).isInCug());
    assertTrue(((CugTreePermission) tp).isAllow());
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Test(org.junit.Test)

Aggregations

TreePermission (org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)109 Test (org.junit.Test)94 Tree (org.apache.jackrabbit.oak.api.Tree)53 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)41 ImmutableTree (org.apache.jackrabbit.oak.plugins.tree.impl.ImmutableTree)22 PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)11 NodeState (org.apache.jackrabbit.oak.spi.state.NodeState)10 AggregatedPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)8 PropertyState (org.apache.jackrabbit.oak.api.PropertyState)6 Nonnull (javax.annotation.Nonnull)4 AccessControlManager (javax.jcr.security.AccessControlManager)4 Root (org.apache.jackrabbit.oak.api.Root)4 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)3 TreeType (org.apache.jackrabbit.oak.plugins.tree.TreeType)3 NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)3 Field (java.lang.reflect.Field)2 AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)2 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 CheckForNull (javax.annotation.CheckForNull)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial