Examples with RestrictionProvider org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider used on opensource projects

Search in sources :

Example 16 with RestrictionProvider

use of org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider in project jackrabbit-oak by apache.

the class CompositeRestrictionProviderTest method testValidateUnsupportedRestriction.

@Test
public void testValidateUnsupportedRestriction() throws Exception {
    RestrictionProvider rp = CompositeRestrictionProvider.newInstance(rp1, rp3);
    NodeUtil aceNode = new NodeUtil(root.getTree("/")).addChild("test", NT_REP_GRANT_ACE);
    NodeUtil rNode = aceNode.addChild(REP_RESTRICTIONS, NT_REP_RESTRICTIONS);
    rNode.setString("unsupported", "value");
    try {
        rp.validateRestrictions("/test", aceNode.getTree());
        fail("Validation must detect unsupported restriction");
    } catch (AccessControlException e) {
    // success
    }
}
Also used : RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) CompositeRestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.CompositeRestrictionProvider) AccessControlException(javax.jcr.security.AccessControlException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 17 with RestrictionProvider

use of org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider in project jackrabbit-oak by apache.

the class SecurityProviderRegistrationTest method testModified.

@Test
public void testModified() {
    registration.activate(context.bundleContext(), requiredServiceIdMap("rpId", "authorizationId"));
    registration.bindAuthorizationConfiguration(new AuthorizationConfigurationImpl(), ImmutableMap.of(Constants.SERVICE_PID, "authorizationId"));
    assertNull(context.getService(SecurityProvider.class));
    // modify requiredServiceIds by removing the rpId from the mandatory services
    // => should re-register the security provider
    registration.modified(requiredServiceIdMap("authorizationId"));
    SecurityProvider service = context.getService(SecurityProvider.class);
    assertNotNull(service);
    RestrictionProvider rp = service.getConfiguration(AuthorizationConfiguration.class).getRestrictionProvider();
    assertTrue(rp instanceof WhiteboardRestrictionProvider);
}
Also used : WhiteboardRestrictionProvider(org.apache.jackrabbit.oak.security.authorization.restriction.WhiteboardRestrictionProvider) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) AuthorizationConfigurationImpl(org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl) RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) WhiteboardRestrictionProvider(org.apache.jackrabbit.oak.security.authorization.restriction.WhiteboardRestrictionProvider) SecurityProvider(org.apache.jackrabbit.oak.spi.security.SecurityProvider) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 18 with RestrictionProvider

use of org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider in project jackrabbit-oak by apache.

the class SecurityProviderRegistrationTest method testModifiedPreconditionStillSatisfied.

@Test
public void testModifiedPreconditionStillSatisfied() {
    registration.activate(context.bundleContext(), requiredServiceIdMap("rpId", "authorizationId"));
    RestrictionProvider mockRp = Mockito.mock(RestrictionProvider.class);
    registration.bindRestrictionProvider(mockRp, ImmutableMap.of(Constants.SERVICE_PID, "rpId"));
    registration.bindAuthorizationConfiguration(new AuthorizationConfigurationImpl(), ImmutableMap.of(Constants.SERVICE_PID, "authorizationId"));
    SecurityProvider service = context.getService(SecurityProvider.class);
    assertNotNull(service);
    registration.modified(requiredServiceIdMap("authorizationId"));
    SecurityProvider service2 = context.getService(SecurityProvider.class);
    assertSame(service, service2);
}
Also used : RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) WhiteboardRestrictionProvider(org.apache.jackrabbit.oak.security.authorization.restriction.WhiteboardRestrictionProvider) AuthorizationConfigurationImpl(org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl) SecurityProvider(org.apache.jackrabbit.oak.spi.security.SecurityProvider) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 19 with RestrictionProvider

use of org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider in project jackrabbit-oak by apache.

the class SecurityProviderRegistrationTest method testBindRestrictionProviderWithAuthorizationConfig.

@Test
public void testBindRestrictionProviderWithAuthorizationConfig() {
    registration.activate(context.bundleContext(), requiredServiceIdMap("rpId", "authorizationId"));
    RestrictionProvider mockRp = Mockito.mock(RestrictionProvider.class);
    registration.bindRestrictionProvider(mockRp, ImmutableMap.of(Constants.SERVICE_PID, "rpId"));
    registration.bindAuthorizationConfiguration(new AuthorizationConfigurationImpl(), ImmutableMap.of(Constants.SERVICE_PID, "authorizationId"));
    SecurityProvider service = context.getService(SecurityProvider.class);
    RestrictionProvider rp = service.getConfiguration(AuthorizationConfiguration.class).getRestrictionProvider();
    assertTrue(rp instanceof WhiteboardRestrictionProvider);
}
Also used : WhiteboardRestrictionProvider(org.apache.jackrabbit.oak.security.authorization.restriction.WhiteboardRestrictionProvider) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) WhiteboardRestrictionProvider(org.apache.jackrabbit.oak.security.authorization.restriction.WhiteboardRestrictionProvider) AuthorizationConfigurationImpl(org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl) SecurityProvider(org.apache.jackrabbit.oak.spi.security.SecurityProvider) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 20 with RestrictionProvider

use of org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider in project jackrabbit-oak by apache.

the class ImmutableACLTest method testHashCode.

@Test
public void testHashCode() throws Exception {
    RestrictionProvider rp = getRestrictionProvider();
    ACE ace1 = createEntry(false, PrivilegeConstants.JCR_VERSION_MANAGEMENT);
    ACE ace2 = createEntry(true, PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    ACE ace2b = createEntry(true, PrivilegeConstants.REP_READ_NODES, PrivilegeConstants.REP_READ_PROPERTIES, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    JackrabbitAccessControlList acl = createACL(ace1, ace2);
    JackrabbitAccessControlList repoAcl = createACL((String) null, ace1, ace2);
    int hc = acl.hashCode();
    assertTrue(hc == createACL(ace1, ace2).hashCode());
    assertTrue(hc == createACL(ace1, ace2b).hashCode());
    assertTrue(repoAcl.hashCode() == createACL((String) null, ace1, ace2b).hashCode());
    assertFalse(hc == createACL(ace2, ace1).hashCode());
    assertFalse(hc == repoAcl.hashCode());
    assertFalse(hc == createEmptyACL().hashCode());
    assertFalse(hc == createACL("/anotherPath", ace1, ace2).hashCode());
    assertFalse(hc == new TestACL("/anotherPath", rp, getNamePathMapper(), ace1, ace2).hashCode());
    assertFalse(hc == new TestACL("/anotherPath", rp, getNamePathMapper(), ace1, ace2).hashCode());
    assertFalse(hc == new TestACL("/anotherPath", rp, getNamePathMapper()).hashCode());
    assertFalse(hc == new TestACL(getTestPath(), rp, getNamePathMapper(), ace1, ace2).hashCode());
}
Also used : RestrictionProvider(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) Test(org.junit.Test)

Aggregations

RestrictionProvider (org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider)20 Test (org.junit.Test)16 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)11 AuthorizationConfigurationImpl (org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl)7 CompositeRestrictionProvider (org.apache.jackrabbit.oak.spi.security.authorization.restriction.CompositeRestrictionProvider)7 AccessControlException (javax.jcr.security.AccessControlException)5 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)5 WhiteboardRestrictionProvider (org.apache.jackrabbit.oak.security.authorization.restriction.WhiteboardRestrictionProvider)5 SecurityProvider (org.apache.jackrabbit.oak.spi.security.SecurityProvider)5 AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)5 ArrayList (java.util.ArrayList)4 AbstractRestrictionProvider (org.apache.jackrabbit.oak.spi.security.authorization.restriction.AbstractRestrictionProvider)4 CompositeAuthorizationConfiguration (org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration)3 Nonnull (javax.annotation.Nonnull)2 PrivilegeManager (org.apache.jackrabbit.api.security.authorization.PrivilegeManager)2 Root (org.apache.jackrabbit.oak.api.Root)2 OpenAuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.OpenAuthorizationConfiguration)2 NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)2 ImmutableSet (com.google.common.collect.ImmutableSet)1 Sets.newHashSet (com.google.common.collect.Sets.newHashSet)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial